Analysis
-
max time kernel
147s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
31/12/2023, 01:13
General
-
Target
22a0d03004ce9192ccac0a5376c88f95.exe
-
Size
28KB
-
MD5
22a0d03004ce9192ccac0a5376c88f95
-
SHA1
63a6108932ee27dab26b62dcdd96908a26983d73
-
SHA256
d02cddc3ab9442d4b5f9dc6238b6b64003fe22d6f6d4c60f3f04462b5b0da887
-
SHA512
7ca78e5ac1bdb9572e27de8f9b3b99194a4470c05102ede582291aff12ecf7278d49c2b641a91735a6b9d409bb6fd007070ed057c44710dfa06f93a183d3a780
-
SSDEEP
768:2JF6G7mgAzcqYqMpSunLlzHeHa5H5J46Wo8cnLj:2j6edA4zRYZ6Wo8cn
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in Windows directory 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\22a0d03004ce9192ccac0a5376c88f95.exe"C:\Users\Admin\AppData\Local\Temp\22a0d03004ce9192ccac0a5376c88f95.exe"1⤵
- Adds Run key to start application
- Drops file in Windows directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\ctfmon32.exe"C:\Windows\ctfmon32.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
28KB
MD522a0d03004ce9192ccac0a5376c88f95
SHA163a6108932ee27dab26b62dcdd96908a26983d73
SHA256d02cddc3ab9442d4b5f9dc6238b6b64003fe22d6f6d4c60f3f04462b5b0da887
SHA5127ca78e5ac1bdb9572e27de8f9b3b99194a4470c05102ede582291aff12ecf7278d49c2b641a91735a6b9d409bb6fd007070ed057c44710dfa06f93a183d3a780