49c24b627e5b543eecb9160eb5d9b8b890dfde0147c44c8c756830944c312927 | Triage

Analysis

max time kernel
146s
max time network
110s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
01/01/2024, 20:31

Sharing

Report Analysis Logs

General

Target

3dd075805826e4aeadc29c560ac83995.exe
Size

2KB
MD5

3dd075805826e4aeadc29c560ac83995
SHA1

7ece98ff1703ae66c7e85f3bab66d151aaafb1f9
SHA256

49c24b627e5b543eecb9160eb5d9b8b890dfde0147c44c8c756830944c312927
SHA512

d0746ae230a4360a8733a55f5e1d758a678826320eeb74ace25d60bc0c7953d208761d06a59a1853c069ea440c9804586d4de0a83a40416c6cfa537320750f09

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3536 wrote to memory of 3848	3536	3dd075805826e4aeadc29c560ac83995.exe	17
PID 3536 wrote to memory of 3848	3536	3dd075805826e4aeadc29c560ac83995.exe	17
PID 3536 wrote to memory of 3848	3536	3dd075805826e4aeadc29c560ac83995.exe	17

C:\Users\Admin\AppData\Local\Temp\3dd075805826e4aeadc29c560ac83995.exe
"C:\Users\Admin\AppData\Local\Temp\3dd075805826e4aeadc29c560ac83995.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3536
- C:\Windows\SysWOW64\cmd.exe
  cmd
  2⤵
  PID:3848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads