Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-02-2024 13:38

General

  • Target

    ObfuscatedBy_GoArmor.exe

  • Size

    5.3MB

  • MD5

    bb1e8c9b44176941ddf3c33188a967d2

  • SHA1

    0b9b55a8a767e0d182be28f62296a96386c45d17

  • SHA256

    8d065d06a730228c3aed55719f8f6849598cc0e38fe4bbc692a0a3c6ecab1ea0

  • SHA512

    030f38477c24bb1b32b6ded9f76bdbf191c29b2f96b618757b70c2138b0f6a377173df3230d1c889c0a73f2f0b07e39d433990817a3537457b7e98c769217759

  • SSDEEP

    49152:b+BFTFc8kdotEIOXQhwPPeaXx1q+K3HYVpgZ5Evoo23JstwdAbvynOsYfOC0obzr:CLFcFVdK34gPEwo23JJAPnIQx

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ObfuscatedBy_GoArmor.exe
    "C:\Users\Admin\AppData\Local\Temp\ObfuscatedBy_GoArmor.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4548
    • C:\Windows\system32\cmd.exe
      cmd /c cls
      2⤵
        PID:5116

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads