7bf5decbdd12381cc4e2ed035779cf9dc13023bbe1548c1316c393837e4727b9 | Triage

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 16:41

Sharing

Report Analysis Logs

General

Target

2deb74f30e119ba2a0f4a7c5454a1d51.exe
Size

13KB
MD5

2deb74f30e119ba2a0f4a7c5454a1d51
SHA1

98b7ce69eeda05b2413534bb192c03b97713028b
SHA256

7bf5decbdd12381cc4e2ed035779cf9dc13023bbe1548c1316c393837e4727b9
SHA512

6a1c8a1979edf885159b13eae694e9a4a2b3802cc1d3d7eb60fa63e8d892ddf1152f42f44f90ce3985b6492e9031d4668c2f44a52a3bc3ebd29d5666ba060768
SSDEEP

384:7QNTbZzzCRcKVQatn8UNQIcEiCGZcvU0:0NTRCRcKpNQInkZ8p

Score

1^/10

Malware Config

Signatures

Suspicious behavior: LoadsDriver 5 IoCs

pid
4
4
4
4
4

C:\Users\Admin\AppData\Local\Temp\2deb74f30e119ba2a0f4a7c5454a1d51.exe
"C:\Users\Admin\AppData\Local\Temp\2deb74f30e119ba2a0f4a7c5454a1d51.exe"
1⤵
PID:2464

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv
1⤵
PID:3144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2464-0-0x0000000006000000-0x0000000006005000-memory.dmp

Filesize
20KB

Download
memory/2464-2-0x0000000006000000-0x0000000006005000-memory.dmp

Filesize
20KB

Download
memory/2464-12-0x0000000006000000-0x0000000006005000-memory.dmp

Filesize
20KB

Download