Overview

overview

3

Static

static

3

00a372ad88...19.exe

windows7-x64

1

00a372ad88...19.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-12-2023 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00a372ad88153fa9e2d7b0407bd25319.exe

  • Size

    10KB

  • MD5

    00a372ad88153fa9e2d7b0407bd25319

  • SHA1

    97ff14742ab9abc3a1d91e80e798fcd1783035a0

  • SHA256

    cfe6f161142ec021468b6ddeecf6f92c2a3f331ab373cf4a6efc1288ddb15757

  • SHA512

    bf122a32544e6875d0f80932f06e13a845cc12836e54051a59e67f488695d931c137ca1f1bbbe2c15252b006a90d4ae24d9d38a4568412127494a50a09b7262f

  • SSDEEP

    96:Y1rfkv7jgKhRTGhjKyV7nS62sQC4o4fOYyTSzm9izZp43Z9N8:grfkvBTG9KyV7SM4o4feeEEZpaH8

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\00a372ad88153fa9e2d7b0407bd25319.exe
    "C:\Users\Admin\AppData\Local\Temp\00a372ad88153fa9e2d7b0407bd25319.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4356
    • C:\Windows\SysWOW64\WScript.exe
      WScript C:\Users\Admin\AppData\Local\Temp\240632078.vbs
      2⤵
        PID:2260

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\240632078.vbs
      Filesize

      79B

      MD5

      b4ca4f1134d0c1bed3d98644967c06ec

      SHA1

      0b3ece27f591036bf5c9b465e2975f3c685e47a7

      SHA256

      b6d8037e7d8dd5436d2227c526fe939322e6779f6111ca2b225ad16dcfbdd969

      SHA512

      fbc391964b5861db81d638cca1dde707bd49a6839f0cedeeefe8a4def8a57fcb7c20dbf6adc3cb20a828acf1679c1f725efd551eac230f2f8f9f19b10699e3b4

      Download Submit