355a39d1ccb7dff628826655dd864f74dcfef8b0aab22852102188fd470b9673 | Triage

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
07/01/2024, 10:00

Sharing

Report Analysis Logs

General

Target

v2/welcomer.exe
Size

804KB
MD5

0e37b177bcfb3ba3d695ee27a36fe368
SHA1

3ffe371380fd8dfe5d246a2783a1fd32c4aa715d
SHA256

a9b1d89828e0d96327380a4ecf343703a3f8ef04e88cb392c4ed4466450bbf54
SHA512

201a9c356747ecc2b72ff5cc1b0112b5e0c0dcf6fdba3d19da1015a3023fffb5ce747009f84977df3b83575481e9fc7afcd292a9c620807186baf07e31fd19aa
SSDEEP

12288:X4W4izT4jU/ORk/bmcBRlB/2rIo8ooKTuBrbdlqQ46uWywmPJ:XCizy2BlvXkI1ooKTuB1lqQ46YwmPJ

Score

7^/10

Malware Config

Signatures

Drops startup file 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\welcomer.exe	welcomer.exe
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\welcomer.exe	welcomer.exe

C:\Users\Admin\AppData\Local\Temp\v2\welcomer.exe
"C:\Users\Admin\AppData\Local\Temp\v2\welcomer.exe"
1⤵
- Drops startup file
PID:3888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads