6700fa87ca2b78135222ca53ab1b9229c17f84775c1e81ec85f1a12454fac890 | Triage

Analysis

max time kernel
145s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 07:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

12252fdd60e44eb601bd65ebc02b367e.exe
Size

649KB
MD5

12252fdd60e44eb601bd65ebc02b367e
SHA1

e10bd9ec3a9f213da04a2c421f552c3e2e232b7f
SHA256

6700fa87ca2b78135222ca53ab1b9229c17f84775c1e81ec85f1a12454fac890
SHA512

a5c5d938531f935d139e59729549a6a6324d85884c06f403e0b61970a3f8a13abea0a2198d6ae80215eeb14c0304d0c4afb5e164e25dc0bae133b10fdf37c674
SSDEEP

12288:A3dZLboVWD5ljoz+toidOWDBcSKq3MYg19:GXLbSQltB1mq3MN

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 5 IoCs

pid	Process
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe

Suspicious use of SendNotifyMessage 5 IoCs

pid	Process
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe
4544	12252fdd60e44eb601bd65ebc02b367e.exe

C:\Users\Admin\AppData\Local\Temp\12252fdd60e44eb601bd65ebc02b367e.exe
"C:\Users\Admin\AppData\Local\Temp\12252fdd60e44eb601bd65ebc02b367e.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4544-0-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download
memory/4544-4-0x0000000000400000-0x00000000004A8000-memory.dmp

Filesize
672KB

Download
memory/4544-6-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download