400da31156c05f430d306f7d164a305dd747b952b51c3e77e24dd32715a0fca8 | Triage

Analysis

max time kernel
120s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
10-01-2024 09:54

Sharing

Report Analysis Logs

General

Target

504086c4edc8197f2c56cf28a01a5263.exe
Size

48KB
MD5

504086c4edc8197f2c56cf28a01a5263
SHA1

a23a90a97de350c152766bfa07b10ad7aac97689
SHA256

400da31156c05f430d306f7d164a305dd747b952b51c3e77e24dd32715a0fca8
SHA512

34e8b0de937e6e3191b139b02718b7726a91118132d5a565d92f9b7d8cac00a90c3bb52dbd8de4944b838f2ba0ec2472c92558d3328f131e9fd1467ca107c63f
SSDEEP

1536:5smE1nefqKcq+oPmib863gbNsKzZnZO87:OLKcqEiblgbNxZF

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2128 wrote to memory of 2196	2128	504086c4edc8197f2c56cf28a01a5263.exe	28
PID 2128 wrote to memory of 2196	2128	504086c4edc8197f2c56cf28a01a5263.exe	28
PID 2128 wrote to memory of 2196	2128	504086c4edc8197f2c56cf28a01a5263.exe	28
PID 2128 wrote to memory of 2196	2128	504086c4edc8197f2c56cf28a01a5263.exe	28

C:\Users\Admin\AppData\Local\Temp\504086c4edc8197f2c56cf28a01a5263.exe
"C:\Users\Admin\AppData\Local\Temp\504086c4edc8197f2c56cf28a01a5263.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2128
- C:\Users\Admin\AppData\Local\Temp\504086c4edc8197f2c56cf28a01a5263.exe
  C:\Users\Admin\AppData\Local\Temp\504086c4edc8197f2c56cf28a01a5263.exe
  2⤵
  PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads