244f5391b6f3ffc701ba75766023421bcd8b0cb1046611993285b6545a099e93 | Triage

Analysis

max time kernel
46s
max time network
16s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
27-01-2024 01:07

Sharing

Report Analysis Logs

General

Target

Radiant.exe
Size

105KB
MD5

3b15530ecdf5c5013a8d7109dbf6a7b1
SHA1

d6f5b60b9caca68f3dd9f3508114537bab293a52
SHA256

244f5391b6f3ffc701ba75766023421bcd8b0cb1046611993285b6545a099e93
SHA512

356ef0ec9a89ee71fe2acd7c2cf82ca3a8666f7bca22cb1d3cc5913c06ffbc5c499049d2588ec3170f838a091e6e8b74f66ead8bd47f664b9c8926220921fc8d
SSDEEP

3072:Eo3Yj+8JlFCumUbyJlKP8HRvkduTK5Nrh2o9Dj0fmoQ:zQ+IFCumUGekHRvEuO3go9kfnQ

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2656 wrote to memory of 2800	2656	Radiant.exe	28
PID 2656 wrote to memory of 2800	2656	Radiant.exe	28
PID 2656 wrote to memory of 2800	2656	Radiant.exe	28

C:\Users\Admin\AppData\Local\Temp\Radiant.exe
"C:\Users\Admin\AppData\Local\Temp\Radiant.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2656
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2656 -s 56
  2⤵
  PID:2800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2656-0-0x0000000140000000-0x0000000140021000-memory.dmp

Filesize
132KB

Download