Analysis
-
max time kernel
132s -
max time network
169s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
12-02-2024 02:52
General
-
Target
a211bc4fe1d22f9fe1621794fb93c411.exe
-
Size
433KB
-
MD5
a211bc4fe1d22f9fe1621794fb93c411
-
SHA1
f8209fcc2c18864825e1463a8aba872010e04a08
-
SHA256
e66f61ad628da85542211e9d1c58f9ec30db267a3a9e427a7c9d828a5e66c589
-
SHA512
bf1c71f90c624ed32aa8a50335f6fc1ab6aad80353d81ea8580f57c6747d37a41c0ef8743b20bf6e716ac9ce183a08b0cfb8e53e28c48b732206fff3f21de072
-
SSDEEP
12288:Ci4g+yU+0pAiv+FTcT6mLNcAb+dqnfXI+/0An:Ci4gXn0pD+FTcdbpfFMg
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a211bc4fe1d22f9fe1621794fb93c411.exe"C:\Users\Admin\AppData\Local\Temp\a211bc4fe1d22f9fe1621794fb93c411.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\48CC.tmp"C:\Users\Admin\AppData\Local\Temp\48CC.tmp" --helpC:\Users\Admin\AppData\Local\Temp\a211bc4fe1d22f9fe1621794fb93c411.exe 228B0F615120368606B3368D48F21A83A319F6A7CCBE19FC27D5404A0A8F6C302D56B035BE40E79852DAD7AC90612DE234CA9742546071FE4D9B7CDAE1E531DA2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD52d665f1fbd9685bb30762e0e7d1325ab
SHA11f02b79d34542a237af5011e93485c92d90c7590
SHA256217ca874a9db895982297f4ede6d9f4e280036e4048f55f3dc692b226b152caf
SHA512f0f13edb41e2153a7c8568225d6c037cabc24f523b5b8b0c281683d7a80f9d972f61ae832f687406a3dff3689b2d490530d6866b8608282d58330464b4727c2a