Overview

overview

7

Static

static

3

041b21f96a...13.exe

windows7-x64

7

041b21f96a...13.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 03:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    041b21f96aedf46b3b14cc5b37ab5a13.exe

  • Size

    156KB

  • MD5

    041b21f96aedf46b3b14cc5b37ab5a13

  • SHA1

    93f061a5b8d828ac1652c7a28ca3b05d30be889b

  • SHA256

    1507606fe76b473d96a52ca8553b669a9b319554179cb750685e303342ab88f5

  • SHA512

    4b6507bb5c56a2730aac4c733924aedf5dd188ed961b47d09c208d3fa979d10a71ab05e2b04751c6508c4a8e7b657c2b197cc6dd38dc2afc0741faa4a2716419

  • SSDEEP

    3072:SWuo48+vMlp8cp3qalccmSGzGdbeVIPvl5RAoQDMDkZ:soec8aacmhGs45NoZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\041b21f96aedf46b3b14cc5b37ab5a13.exe
    "C:\Users\Admin\AppData\Local\Temp\041b21f96aedf46b3b14cc5b37ab5a13.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:748
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\sdfkb.bat
      2⤵
        PID:4936

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\sdfkb.bat
            Filesize

            420B

            MD5

            a50a77f05e9e1167d0ed2004474c2e8b

            SHA1

            79e8c86d80fc3131df4d02f973618d9efe833a10

            SHA256

            a5659bcb4b767793ab5b1c3b8f502786a3ed3c2b1f89701c5f69c64a7b02a950

            SHA512

            495f02b3034755762c7aa5dc8b9f9a60e3f6ed01b4f5f713d325ee4504e0fcdae05b36cc8bb82b34e33ba0ab08a4009d7412f635c7904526b10a0acf3d856f6b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\sdfkb~.tmp
            Filesize

            156KB

            MD5

            041b21f96aedf46b3b14cc5b37ab5a13

            SHA1

            93f061a5b8d828ac1652c7a28ca3b05d30be889b

            SHA256

            1507606fe76b473d96a52ca8553b669a9b319554179cb750685e303342ab88f5

            SHA512

            4b6507bb5c56a2730aac4c733924aedf5dd188ed961b47d09c208d3fa979d10a71ab05e2b04751c6508c4a8e7b657c2b197cc6dd38dc2afc0741faa4a2716419

            Download Submit