c7b70c4bd6b9c021658a37fb4d2619551ef433d4180a9cd1cc003f780489c09f

Analysis

max time kernel
142s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 22:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3f513304022f93f6c6e46864e2f3c350.exe
Size

5.8MB
MD5

3f513304022f93f6c6e46864e2f3c350
SHA1

93920a2488a044c5830b809e447471340c1ebfe6
SHA256

c7b70c4bd6b9c021658a37fb4d2619551ef433d4180a9cd1cc003f780489c09f
SHA512

e9c9f0f500e424d561a6ffe2c776bc43eb0c4105190702d9ecba241aab1e0c6e1e3ae2cc6e82dd54a81c192cb7129cc3809de2e9d16ef5048fc9bf1ecf1a998c
SSDEEP

98304:QzUEwxAHHx0hIMQj2zbQ9gALigGRca9BkzDXb5hI5VvItkr1uvh3ybxCj:OUOihV9zbQ9fLDGj9avb26Or4J3/j

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2328	3f513304022f93f6c6e46864e2f3c350.tmp

Loads dropped DLL 2 IoCs

pid	Process
2328	3f513304022f93f6c6e46864e2f3c350.tmp
2328	3f513304022f93f6c6e46864e2f3c350.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5988 wrote to memory of 2328	5988	3f513304022f93f6c6e46864e2f3c350.exe	89
PID 5988 wrote to memory of 2328	5988	3f513304022f93f6c6e46864e2f3c350.exe	89
PID 5988 wrote to memory of 2328	5988	3f513304022f93f6c6e46864e2f3c350.exe	89

C:\Users\Admin\AppData\Local\Temp\3f513304022f93f6c6e46864e2f3c350.exe
"C:\Users\Admin\AppData\Local\Temp\3f513304022f93f6c6e46864e2f3c350.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5988
- C:\Users\Admin\AppData\Local\Temp\is-LMVDQ.tmp\3f513304022f93f6c6e46864e2f3c350.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-LMVDQ.tmp\3f513304022f93f6c6e46864e2f3c350.tmp" /SL5="$B0208,5819643,54272,C:\Users\Admin\AppData\Local\Temp\3f513304022f93f6c6e46864e2f3c350.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-IBNL0.tmp\itdownload.dll

Filesize
200KB

MD5
d82a429efd885ca0f324dd92afb6b7b8

SHA1
86bbdaa15e6fc5c7779ac69c84e53c43c9eb20ea

SHA256
b258c4d7d2113dee2168ed7e35568c8e03341e24e3eafc7a22a0d62e32122ef3

SHA512
5bf0c3b8fa5db63205a263c4fa5337188173248bef609ba4d03508c50db1fd1e336f3041ce96d78cc97659357a83e6e422f5b079d893a20a683270e05f5438df

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-LMVDQ.tmp\3f513304022f93f6c6e46864e2f3c350.tmp

Filesize
688KB

MD5
67c5a4f36e1c91a3b85e440edd7ad026

SHA1
e49ea0e558ed682498cc61b3070e4c402fbf0912

SHA256
99c299d6565ab53d9af66e0146737dc0ecfbc52ecf4740825b552db0cc4210c6

SHA512
40522d4645ece0db9888ea40d1a11356aa5efc191184a0b97cb54a6c243532b1fc306e9095bbfa1f5dc02c8e52b709650230d1383532136e56caea3dc19a973e

Download Submit
memory/2328-28-0x0000000006770000-0x0000000006771000-memory.dmp

Filesize
4KB

Download
memory/2328-38-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/2328-16-0x0000000003A70000-0x0000000003AAC000-memory.dmp

Filesize
240KB

Download
memory/2328-19-0x00000000066E0000-0x00000000066E1000-memory.dmp

Filesize
4KB

Download
memory/2328-20-0x00000000066F0000-0x00000000066F1000-memory.dmp

Filesize
4KB

Download
memory/2328-21-0x0000000006700000-0x0000000006701000-memory.dmp

Filesize
4KB

Download
memory/2328-23-0x0000000006060000-0x0000000006061000-memory.dmp

Filesize
4KB

Download
memory/2328-22-0x0000000006710000-0x0000000006711000-memory.dmp

Filesize
4KB

Download
memory/2328-25-0x0000000006730000-0x0000000006731000-memory.dmp

Filesize
4KB

Download
memory/2328-24-0x0000000006720000-0x0000000006721000-memory.dmp

Filesize
4KB

Download
memory/2328-26-0x0000000006750000-0x0000000006751000-memory.dmp

Filesize
4KB

Download
memory/2328-27-0x0000000006760000-0x0000000006761000-memory.dmp

Filesize
4KB

Download
memory/2328-9-0x0000000000650000-0x0000000000651000-memory.dmp

Filesize
4KB

Download
memory/2328-76-0x0000000003A70000-0x0000000003AAC000-memory.dmp

Filesize
240KB

Download
memory/2328-32-0x00000000067B0000-0x00000000067B1000-memory.dmp

Filesize
4KB

Download
memory/2328-34-0x00000000067D0000-0x00000000067D1000-memory.dmp

Filesize
4KB

Download
memory/2328-36-0x0000000006740000-0x0000000006741000-memory.dmp

Filesize
4KB

Download
memory/2328-33-0x00000000067C0000-0x00000000067C1000-memory.dmp

Filesize
4KB

Download
memory/2328-35-0x0000000006050000-0x0000000006051000-memory.dmp

Filesize
4KB

Download
memory/2328-31-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/2328-30-0x0000000006790000-0x0000000006791000-memory.dmp

Filesize
4KB

Download
memory/2328-40-0x0000000000650000-0x0000000000651000-memory.dmp

Filesize
4KB

Download
memory/2328-29-0x0000000006780000-0x0000000006781000-memory.dmp

Filesize
4KB

Download
memory/2328-39-0x0000000003A70000-0x0000000003AAC000-memory.dmp

Filesize
240KB

Download
memory/5988-37-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/5988-0-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads