Analysis
-
max time kernel
19s -
max time network
36s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
30-12-2023 05:08
General
-
Target
0f99e862c8db88bbc85a573eb665f6a3.exe
-
Size
21KB
-
MD5
0f99e862c8db88bbc85a573eb665f6a3
-
SHA1
6010851118b3ea3495daab4c86c79b4f7d09829b
-
SHA256
158235bd0d096bcfe730c3d51c3205b1a724cb7fb6792bbc771fddceed8dfff6
-
SHA512
413bd8fcef3e709bff8180ec70eba3f8e7868703bf2a08ac1ca58cc5a959ca67412254d4820d8f1f496ca5ad2432080f7b898320d3cb9ff4d1f1b29e7c243b46
-
SSDEEP
384:q7XZiECNtZLUNMcU71MWx4CpWwwoQhRZcLq0xmie5ioCSOHZYAUJMhFY:q7piEMLUNMKuWwwoQZ0a5BC/UJMhFY
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in System32 directory 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0f99e862c8db88bbc85a573eb665f6a3.exe"C:\Users\Admin\AppData\Local\Temp\0f99e862c8db88bbc85a573eb665f6a3.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\anymie360.exeC:\Windows\system32\anymie360.exe2⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
21KB
MD50f99e862c8db88bbc85a573eb665f6a3
SHA16010851118b3ea3495daab4c86c79b4f7d09829b
SHA256158235bd0d096bcfe730c3d51c3205b1a724cb7fb6792bbc771fddceed8dfff6
SHA512413bd8fcef3e709bff8180ec70eba3f8e7868703bf2a08ac1ca58cc5a959ca67412254d4820d8f1f496ca5ad2432080f7b898320d3cb9ff4d1f1b29e7c243b46