16fa2176e16026131bf1a5e88e52b440695471731309e0cd5f4fa91a574c0a15

Analysis

max time kernel
3s
max time network
104s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 02:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

241fbda025a3ea88fbd4da598a336db7.exe
Size

1.1MB
MD5

241fbda025a3ea88fbd4da598a336db7
SHA1

0ca3fa4316bfa2e733ea59a642615b1d04d2ac02
SHA256

16fa2176e16026131bf1a5e88e52b440695471731309e0cd5f4fa91a574c0a15
SHA512

9a880f8f830103379ca808e4a065ff4b2f7b78c4af011ab97bbf3be5010b6e977962d234eea6078e49e99e5a5750e32e1e6deedd5871afc2c2686337059f4d99
SSDEEP

24576:4WvknOMEfy2YzKCmjTEVfvtBVBFz1PIETrH6jROQ4iQi:4UeOMm2CXEVfjDh1jEO7di

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
5064	Setup.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2708 wrote to memory of 5064	2708	241fbda025a3ea88fbd4da598a336db7.exe	17
PID 2708 wrote to memory of 5064	2708	241fbda025a3ea88fbd4da598a336db7.exe	17
PID 2708 wrote to memory of 5064	2708	241fbda025a3ea88fbd4da598a336db7.exe	17

C:\Users\Admin\AppData\Local\Temp\241fbda025a3ea88fbd4da598a336db7.exe
"C:\Users\Admin\AppData\Local\Temp\241fbda025a3ea88fbd4da598a336db7.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2708
- C:\Users\Admin\AppData\Local\Temp\a2IV0dgfTc\3hZ1Lh3g\Setup.exe
  C:\Users\Admin\AppData\Local\Temp\a2IV0dgfTc\3hZ1Lh3g\Setup.exe --relaunch
  2⤵
  - Executes dropped EXE
  PID:5064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2708-2-0x0000000000400000-0x000000000051E914-memory.dmp

Filesize
1.1MB

Download
memory/2708-8-0x0000000000400000-0x000000000051E914-memory.dmp

Filesize
1.1MB

Download
memory/2708-18-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-26-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-36-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-46-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-57-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-64-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-65-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-63-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-62-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-61-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-60-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-59-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-58-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-56-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-55-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-203-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-54-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-53-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-52-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-51-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-50-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-49-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-48-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-47-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-45-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-44-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-43-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-42-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-41-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-40-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-39-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-38-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-37-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-35-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-34-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-33-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-32-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-31-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-30-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-29-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-28-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-27-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-25-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-24-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-23-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-22-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-21-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-20-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-19-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-17-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-16-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-15-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-14-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-13-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-12-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-11-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-10-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-9-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-7-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-1-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-0-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/2708-846-0x0000000002230000-0x000000000232D000-memory.dmp

Filesize
1012KB

Download
memory/5064-425-0x0000000000400000-0x000000000051E914-memory.dmp

Filesize
1.1MB

Download
memory/5064-618-0x0000000001FB0000-0x00000000020AD000-memory.dmp

Filesize
1012KB

Download
memory/5064-837-0x0000000001FB0000-0x00000000020AD000-memory.dmp

Filesize
1012KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads