d43cb57ce860c48554eaa46a4b5d05fe2f31fb5744a0f5d771bf178baf02d4b7 | Triage

Analysis

max time kernel
94s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
18/01/2024, 16:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

657f2f9363cf88e23cf1bfb4b955a08f.exe
Size

72KB
MD5

657f2f9363cf88e23cf1bfb4b955a08f
SHA1

7d818ce91c1657ac75bea34b05e596193574217a
SHA256

d43cb57ce860c48554eaa46a4b5d05fe2f31fb5744a0f5d771bf178baf02d4b7
SHA512

019e6f1dc53949023bf05bf16aae986c4e3787694828566f1c5a1d15c83a2757922f8dc0ab2ebce17220ba7e8a3d6ddd6ec04f18df46b8f98d8443896b13ee4e
SSDEEP

1536:SlqCs+EEuBp5xH4xDzkK2xX0vqcEv64DEU:l+GBu8xk14Dt

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\657f2f9363cf88e23cf1bfb4b955a08f.exe.xdt	657f2f9363cf88e23cf1bfb4b955a08f.exe
File created	C:\Windows\SysWOW64\657f2f9363cf88e23cf1bfb4b955a08f.exe	657f2f9363cf88e23cf1bfb4b955a08f.exe
File opened for modification	C:\Windows\SysWOW64\ntsp32.dll.xdt	657f2f9363cf88e23cf1bfb4b955a08f.exe
File created	C:\Windows\SysWOW64\ntsp32.dll	657f2f9363cf88e23cf1bfb4b955a08f.exe

C:\Users\Admin\AppData\Local\Temp\657f2f9363cf88e23cf1bfb4b955a08f.exe
"C:\Users\Admin\AppData\Local\Temp\657f2f9363cf88e23cf1bfb4b955a08f.exe"
1⤵
- Drops file in System32 directory
PID:4844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4844-0-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/4844-7-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download