36ee9d0f917f7b01cc2db6d875f23f707eab739accdc0019a1695ccffeab7614

Analysis

max time kernel
152s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29-12-2023 22:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

05ff68340f922b2e1ff07d4060d30aba.exe
Size

385KB
MD5

05ff68340f922b2e1ff07d4060d30aba
SHA1

32f53e230ddb7acda9c6c13e4723a957489930a7
SHA256

36ee9d0f917f7b01cc2db6d875f23f707eab739accdc0019a1695ccffeab7614
SHA512

19f2e951495c89ba917966215ad985ec15028e42258ab73c612beb19f9be79c78656d2b4d6d2904deb803712495a92772472ee5330a73a037e567d47a8ca0c93
SSDEEP

6144:Wb57P0UHF2idZecnl20lHRxp3g9TDe/bwgBt1bo7Hk4jpgjY8jBkFIM6HAAg:WFg6F3Z4mxxhUe3ajec8VFgJ

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5084 wrote to memory of 4440	5084	05ff68340f922b2e1ff07d4060d30aba.exe	90
PID 5084 wrote to memory of 4440	5084	05ff68340f922b2e1ff07d4060d30aba.exe	90
PID 5084 wrote to memory of 4440	5084	05ff68340f922b2e1ff07d4060d30aba.exe	90

C:\Users\Admin\AppData\Local\Temp\05ff68340f922b2e1ff07d4060d30aba.exe
"C:\Users\Admin\AppData\Local\Temp\05ff68340f922b2e1ff07d4060d30aba.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5084
- C:\Windows\SysWOW64\wscript.exe
  wscript.exe /B "C:\Users\Admin\AppData\Local\Temp\GKEY02125487.jse"
  2⤵
  PID:4440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\GKEY02125487.jse

Filesize
17KB

MD5
d0b991db1a13ea0769ce2fc6cb782f6a

SHA1
6ddd86560bbe0302ac0ac057c5f2be07c8e6b273

SHA256
7f1ef7c298975cb73a49a59b9a7ca2a98aa21266e1b2c68798917d3acf5092c4

SHA512
17d77d41ea3234289e25814e77fea5f103aae04ccda03fd942d63e013a0f4572a1d03470d22b042ff62f13a1c29cc6ce710325833bfe7fb284071af927b73a12

Download Submit
memory/5084-21-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download
memory/5084-19-0x00000000024B0000-0x00000000024B1000-memory.dmp

Filesize
4KB

Download
memory/5084-8-0x00000000022F0000-0x00000000022F1000-memory.dmp

Filesize
4KB

Download
memory/5084-0-0x0000000000400000-0x0000000000478000-memory.dmp

Filesize
480KB

Download
memory/5084-20-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/5084-18-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/5084-33-0x0000000003540000-0x0000000003541000-memory.dmp

Filesize
4KB

Download
memory/5084-32-0x0000000003530000-0x0000000003531000-memory.dmp

Filesize
4KB

Download
memory/5084-31-0x0000000003460000-0x0000000003461000-memory.dmp

Filesize
4KB

Download
memory/5084-30-0x0000000003470000-0x0000000003471000-memory.dmp

Filesize
4KB

Download
memory/5084-29-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/5084-28-0x0000000002220000-0x0000000002221000-memory.dmp

Filesize
4KB

Download
memory/5084-27-0x0000000002210000-0x0000000002211000-memory.dmp

Filesize
4KB

Download
memory/5084-26-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/5084-25-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/5084-24-0x0000000002510000-0x0000000002511000-memory.dmp

Filesize
4KB

Download
memory/5084-35-0x0000000000400000-0x0000000000478000-memory.dmp

Filesize
480KB

Download
memory/5084-6-0x0000000002290000-0x0000000002291000-memory.dmp

Filesize
4KB

Download
memory/5084-23-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/5084-16-0x0000000002450000-0x0000000002451000-memory.dmp

Filesize
4KB

Download
memory/5084-15-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/5084-14-0x00000000024D0000-0x00000000024D1000-memory.dmp

Filesize
4KB

Download
memory/5084-13-0x0000000002480000-0x0000000002481000-memory.dmp

Filesize
4KB

Download
memory/5084-12-0x00000000024A0000-0x00000000024A1000-memory.dmp

Filesize
4KB

Download
memory/5084-11-0x0000000003440000-0x0000000003444000-memory.dmp

Filesize
16KB

Download
memory/5084-10-0x0000000002320000-0x0000000002321000-memory.dmp

Filesize
4KB

Download
memory/5084-9-0x0000000003450000-0x0000000003451000-memory.dmp

Filesize
4KB

Download
memory/5084-7-0x0000000002300000-0x0000000002301000-memory.dmp

Filesize
4KB

Download
memory/5084-5-0x00000000022A0000-0x00000000022A1000-memory.dmp

Filesize
4KB

Download
memory/5084-4-0x0000000002310000-0x0000000002311000-memory.dmp

Filesize
4KB

Download
memory/5084-3-0x00000000022C0000-0x00000000022C1000-memory.dmp

Filesize
4KB

Download
memory/5084-2-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/5084-1-0x0000000002230000-0x0000000002284000-memory.dmp

Filesize
336KB

Download
memory/5084-22-0x0000000002550000-0x0000000002551000-memory.dmp

Filesize
4KB

Download
memory/5084-36-0x0000000002230000-0x0000000002284000-memory.dmp

Filesize
336KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads