d06d958f07a54daadd1268fabee77c9f6d68812ada05963bd2532f4622832e92

Analysis

max time kernel
2s
max time network
8s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12/02/2024, 03:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

962f5ac66fae1f8f1fc2af2f1df7aca9.exe
Size

2.3MB
MD5

962f5ac66fae1f8f1fc2af2f1df7aca9
SHA1

3057a2680c6217ff568012481b4b2dc70faf8f60
SHA256

d06d958f07a54daadd1268fabee77c9f6d68812ada05963bd2532f4622832e92
SHA512

c4ec61211b0ba0049ab011343687e0726a024bf0f3134a1b6ab1a045c5c2a639293a67933c327a2da7298682840876821f102dbca55c1d1d1326e4e002094ace
SSDEEP

49152:EQFRHrmQG+yrPrmQG+K+yrPrwrPrmQG+KKrPx:EcK+/e

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
736	idtxeh.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4848 wrote to memory of 736	4848	962f5ac66fae1f8f1fc2af2f1df7aca9.exe	84
PID 4848 wrote to memory of 736	4848	962f5ac66fae1f8f1fc2af2f1df7aca9.exe	84
PID 4848 wrote to memory of 736	4848	962f5ac66fae1f8f1fc2af2f1df7aca9.exe	84

C:\Users\Admin\AppData\Local\Temp\962f5ac66fae1f8f1fc2af2f1df7aca9.exe
"C:\Users\Admin\AppData\Local\Temp\962f5ac66fae1f8f1fc2af2f1df7aca9.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4848
- C:\Users\Admin\AppData\Local\Temp\idtxeh.exe
  C:\Users\Admin\AppData\Local\Temp\idtxeh.exe -run C:\Users\Admin\AppData\Local\Temp\962f5ac66fae1f8f1fc2af2f1df7aca9.exe
  2⤵
  - Executes dropped EXE
  PID:736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\idtxeh.exe

Filesize
1024KB

MD5
53b26634890b12aa8d2f4fb170944439

SHA1
7a51688769caa8ed5fa9d926464facf616822e26

SHA256
a769b745291804e4adf9a7033fbc3464da5f838164db6e7d1438b177e292a114

SHA512
c0cae77c6fd13020c2c2b5cbada8390372b3ac6f62af013be13306f1a81a151aa58f820f89941db82f83fd95a0ab7208416f94e8079eadd608f26e6a708331ef

Download Submit
C:\Users\Admin\AppData\Local\Temp\idtxeh.exe

Filesize
385KB

MD5
4463692fa119e59e295d553650d34328

SHA1
a2ca9f9330e2b45e1775e232c8a51210fa66f778

SHA256
7fac989a8a4a9c1a72672c9c33e6e394a568c637cc3158425dcd655d62a39c34

SHA512
3029becb11b77e7b16bcc588f23fd16e444f970554a99186ceecf87cab6157ce92b7a91d44c9a43bd9ce493d1e27a888f9ee4f8ea5521d4f7b4eb595156607ba

Download Submit
memory/736-45-0x00000000021B0000-0x00000000021B1000-memory.dmp

Filesize
4KB

Download
memory/736-46-0x0000000003D00000-0x0000000003D01000-memory.dmp

Filesize
4KB

Download
memory/736-44-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/736-43-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/736-42-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/4848-23-0x00000000025B0000-0x00000000025B1000-memory.dmp

Filesize
4KB

Download
memory/4848-27-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/4848-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

Filesize
4KB

Download
memory/4848-10-0x0000000002380000-0x0000000002381000-memory.dmp

Filesize
4KB

Download
memory/4848-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

Filesize
8KB

Download
memory/4848-12-0x0000000002550000-0x0000000002551000-memory.dmp

Filesize
4KB

Download
memory/4848-13-0x0000000002510000-0x0000000002511000-memory.dmp

Filesize
4KB

Download
memory/4848-14-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/4848-15-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/4848-17-0x00000000024F0000-0x00000000024F1000-memory.dmp

Filesize
4KB

Download
memory/4848-18-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/4848-20-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/4848-19-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/4848-22-0x00000000025D0000-0x00000000025D1000-memory.dmp

Filesize
4KB

Download
memory/4848-21-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/4848-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4848-24-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/4848-26-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/4848-25-0x00000000025A0000-0x00000000025A1000-memory.dmp

Filesize
4KB

Download
memory/4848-8-0x00000000023A0000-0x00000000023A1000-memory.dmp

Filesize
4KB

Download
memory/4848-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

Filesize
24KB

Download
memory/4848-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-36-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-39-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4848-41-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/4848-40-0x00000000022D0000-0x0000000002320000-memory.dmp

Filesize
320KB

Download
memory/4848-7-0x0000000002360000-0x0000000002361000-memory.dmp

Filesize
4KB

Download
memory/4848-4-0x0000000002340000-0x0000000002341000-memory.dmp

Filesize
4KB

Download
memory/4848-6-0x0000000002330000-0x0000000002331000-memory.dmp

Filesize
4KB

Download
memory/4848-5-0x0000000002370000-0x0000000002371000-memory.dmp

Filesize
4KB

Download
memory/4848-2-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/4848-3-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download
memory/4848-1-0x00000000022D0000-0x0000000002320000-memory.dmp

Filesize
320KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads