ba5b68832883ef9117ffb61eb503ae8314fc85c6da04575bdd537bda4d88d8c9

Analysis

max time kernel
143s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
18/01/2024, 05:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

648914213cfcd96d276ca22aaf7f0613.exe
Size

8.2MB
MD5

648914213cfcd96d276ca22aaf7f0613
SHA1

98a8ac342b903b183fcc12ff3a99fa66e96b0661
SHA256

ba5b68832883ef9117ffb61eb503ae8314fc85c6da04575bdd537bda4d88d8c9
SHA512

cff35b2225fdac5b076b324f66747b9bae472aa3c0cd662bd2e3a9bbe099f4acc6b86e9d63cec4998b5c3b751d076b20fc42df344c673bb13c2a0fdba3cfd88c
SSDEEP

49152:EQFRHrmQG+yrY+Fr/rcrsrmQG+yrY+FrZG+yrY+Fr5rcrsrmQG+yrY+FrZG+yrYr:EcKwhZN

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3464	drmyn.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3464	drmyn.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
3464	drmyn.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3464	drmyn.exe
3464	drmyn.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5892 wrote to memory of 3464	5892	648914213cfcd96d276ca22aaf7f0613.exe	88
PID 5892 wrote to memory of 3464	5892	648914213cfcd96d276ca22aaf7f0613.exe	88
PID 5892 wrote to memory of 3464	5892	648914213cfcd96d276ca22aaf7f0613.exe	88

C:\Users\Admin\AppData\Local\Temp\648914213cfcd96d276ca22aaf7f0613.exe
"C:\Users\Admin\AppData\Local\Temp\648914213cfcd96d276ca22aaf7f0613.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5892
- C:\Users\Admin\AppData\Local\Temp\drmyn.exe
  C:\Users\Admin\AppData\Local\Temp\drmyn.exe -run C:\Users\Admin\AppData\Local\Temp\648914213cfcd96d276ca22aaf7f0613.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\drmyn.exe

Filesize
196KB

MD5
21648171b8a064fd19d561951ee53575

SHA1
d286a2dac30ab464b8919c6b3f4081f6b5ea8353

SHA256
84d649f1f446ccc9be9bebc9374e8280495cb1658ed7df06f1ff987241c08e31

SHA512
ad1d18cd7a70650a26e4fb7611a119b2696f8c1e71ff1f2d7d299b02ab34084502e7924daf1766f1613fc6a02a28f3aac37f373db308ac2c19d96f4c4adcb691

Download Submit
C:\Users\Admin\AppData\Local\Temp\drmyn.exe

Filesize
111KB

MD5
537dbd2df614ad55917fc3a821df6e50

SHA1
b584845b369e2cc6a0a630be2192c9435fa3dc8d

SHA256
76f6ba780211a28060ecb7ecc53acf8ae80da6f1b862887c9483ddba797fa12c

SHA512
a1220a2416ce02889fb4386220c496a1d5d871b923515ad9cecd2fc365d20662e6a498d40bc0d160709e4e9003930d6205dbe7757a6698139945e16f37039fb9

Download Submit
memory/3464-64-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-57-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-52-0x0000000002C50000-0x0000000002C56000-memory.dmp

Filesize
24KB

Download
memory/3464-62-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-63-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-67-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-66-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-65-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-53-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-68-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-61-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-59-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-60-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-58-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-56-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-55-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-54-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3464-144-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5892-47-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-35-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-51-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-49-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-48-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5892-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5892-41-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-44-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-39-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

Filesize
24KB

Download
memory/5892-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

Filesize
8KB

Download
memory/5892-12-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/5892-13-0x0000000002410000-0x0000000002411000-memory.dmp

Filesize
4KB

Download
memory/5892-2-0x00000000023A0000-0x00000000023A1000-memory.dmp

Filesize
4KB

Download
memory/5892-3-0x0000000002300000-0x0000000002301000-memory.dmp

Filesize
4KB

Download
memory/5892-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-36-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-50-0x0000000002320000-0x0000000002370000-memory.dmp

Filesize
320KB

Download
memory/5892-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5892-27-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/5892-26-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/5892-25-0x00000000025B0000-0x00000000025B1000-memory.dmp

Filesize
4KB

Download
memory/5892-24-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/5892-23-0x00000000025C0000-0x00000000025C1000-memory.dmp

Filesize
4KB

Download
memory/5892-22-0x00000000025D0000-0x00000000025D1000-memory.dmp

Filesize
4KB

Download
memory/5892-21-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/5892-20-0x0000000002580000-0x0000000002581000-memory.dmp

Filesize
4KB

Download
memory/5892-19-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/5892-18-0x0000000002420000-0x0000000002421000-memory.dmp

Filesize
4KB

Download
memory/5892-17-0x00000000023F0000-0x00000000023F1000-memory.dmp

Filesize
4KB

Download
memory/5892-16-0x0000000002540000-0x0000000002541000-memory.dmp

Filesize
4KB

Download
memory/5892-14-0x0000000002400000-0x0000000002401000-memory.dmp

Filesize
4KB

Download
memory/5892-10-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/5892-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

Filesize
4KB

Download
memory/5892-8-0x00000000023B0000-0x00000000023B1000-memory.dmp

Filesize
4KB

Download
memory/5892-7-0x0000000002370000-0x0000000002371000-memory.dmp

Filesize
4KB

Download
memory/5892-6-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/5892-5-0x0000000002380000-0x0000000002381000-memory.dmp

Filesize
4KB

Download
memory/5892-4-0x00000000022F0000-0x00000000022F1000-memory.dmp

Filesize
4KB

Download
memory/5892-1-0x0000000002320000-0x0000000002370000-memory.dmp

Filesize
320KB

Download