5a65aa47f6237b4bb3ce71e965a64df22ad64ea2364f9811c0c8f37a35b9286d

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 13:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3741770fb2159e392df01de58af00235.exe
Size

2.0MB
MD5

3741770fb2159e392df01de58af00235
SHA1

11cc637f7cba68a53d23bfecd05590a6fc60e8b9
SHA256

5a65aa47f6237b4bb3ce71e965a64df22ad64ea2364f9811c0c8f37a35b9286d
SHA512

1bdad311fa2bbb688f2566074be03a554c573c1fa78106d43df4b76f34d7b15a560683e1e0981c89ba9ae994764e3e54308b072ac1d9a8dfa7813796e1456529
SSDEEP

49152:5a+jy1OVV38OqtnGfaV0lA+sE6AoeuH0t1lLJdpinXBgJ:QXOVY9caVYjsKotHkdgRgJ

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4700	3741770fb2159e392df01de58af00235.tmp

Loads dropped DLL 4 IoCs

pid	Process
4700	3741770fb2159e392df01de58af00235.tmp
4700	3741770fb2159e392df01de58af00235.tmp
4700	3741770fb2159e392df01de58af00235.tmp
4700	3741770fb2159e392df01de58af00235.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 324 wrote to memory of 4700	324	3741770fb2159e392df01de58af00235.exe	17
PID 324 wrote to memory of 4700	324	3741770fb2159e392df01de58af00235.exe	17
PID 324 wrote to memory of 4700	324	3741770fb2159e392df01de58af00235.exe	17

C:\Users\Admin\AppData\Local\Temp\3741770fb2159e392df01de58af00235.exe
"C:\Users\Admin\AppData\Local\Temp\3741770fb2159e392df01de58af00235.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:324
- C:\Users\Admin\AppData\Local\Temp\is-8S4M6.tmp\3741770fb2159e392df01de58af00235.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-8S4M6.tmp\3741770fb2159e392df01de58af00235.tmp" /SL5="$D0060,1686916,54272,C:\Users\Admin\AppData\Local\Temp\3741770fb2159e392df01de58af00235.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:4700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/324-2-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/324-46-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/324-0-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/4700-37-0x0000000003AF0000-0x0000000003AF1000-memory.dmp

Filesize
4KB

Download
memory/4700-35-0x0000000003AD0000-0x0000000003AD1000-memory.dmp

Filesize
4KB

Download
memory/4700-44-0x0000000003A60000-0x0000000003A61000-memory.dmp

Filesize
4KB

Download
memory/4700-43-0x0000000003A50000-0x0000000003A51000-memory.dmp

Filesize
4KB

Download
memory/4700-42-0x0000000003B40000-0x0000000003B41000-memory.dmp

Filesize
4KB

Download
memory/4700-41-0x0000000003B30000-0x0000000003B31000-memory.dmp

Filesize
4KB

Download
memory/4700-40-0x0000000003B20000-0x0000000003B21000-memory.dmp

Filesize
4KB

Download
memory/4700-39-0x0000000003B10000-0x0000000003B11000-memory.dmp

Filesize
4KB

Download
memory/4700-38-0x0000000003B00000-0x0000000003B01000-memory.dmp

Filesize
4KB

Download
memory/4700-28-0x0000000003A70000-0x0000000003A71000-memory.dmp

Filesize
4KB

Download
memory/4700-36-0x0000000003AE0000-0x0000000003AE1000-memory.dmp

Filesize
4KB

Download
memory/4700-45-0x0000000003A80000-0x0000000003A81000-memory.dmp

Filesize
4KB

Download
memory/4700-34-0x0000000003AC0000-0x0000000003AC1000-memory.dmp

Filesize
4KB

Download
memory/4700-33-0x0000000003AB0000-0x0000000003AB1000-memory.dmp

Filesize
4KB

Download
memory/4700-32-0x0000000003AA0000-0x0000000003AA1000-memory.dmp

Filesize
4KB

Download
memory/4700-31-0x0000000003A90000-0x0000000003A91000-memory.dmp

Filesize
4KB

Download
memory/4700-27-0x0000000003A40000-0x0000000003A41000-memory.dmp

Filesize
4KB

Download
memory/4700-26-0x0000000003A30000-0x0000000003A31000-memory.dmp

Filesize
4KB

Download
memory/4700-7-0x0000000002200000-0x0000000002201000-memory.dmp

Filesize
4KB

Download
memory/4700-48-0x0000000003740000-0x000000000377C000-memory.dmp

Filesize
240KB

Download
memory/4700-47-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/4700-23-0x0000000003740000-0x000000000377C000-memory.dmp

Filesize
240KB

Download
memory/4700-49-0x0000000002200000-0x0000000002201000-memory.dmp

Filesize
4KB

Download
memory/4700-55-0x0000000003740000-0x000000000377C000-memory.dmp

Filesize
240KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads