Overview

overview

5

Static

static

3

05abbbdaad...d4.exe

windows7-x64

5

05abbbdaad...d4.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    92s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/02/2024, 02:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4.exe

  • Size

    708KB

  • MD5

    d4268c3c648476b05ca063fb5cda3a82

  • SHA1

    2f48912c32f903e3d2a4015212f5387d2427aed4

  • SHA256

    05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4

  • SHA512

    4ba2d692b2400db60ed106b85ce7eee19c2ae01e1be79b61abc6b354062acab2f2c7a6e0a245a61278205de358898a5828769cf0de2eebaeafd818c8d2f4ebf3

  • SSDEEP

    12288:xqjk/w35wcGwE6L1EQelUkB/TvCYbAv4coPnKM8n9iX:xspswdLyQeakBrzGPoPnKM8n

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4.exe
    "C:\Users\Admin\AppData\Local\Temp\05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:3556
    • C:\Users\Admin\AppData\Local\Temp\05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4.exe
      C:\Users\Admin\AppData\Local\Temp\05abbbdaad1d1c4f197392458a3aa7e6aac6ab950e1f6839caae3135837600d4.exe
      2⤵
        PID:4920

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3556-0-0x0000000000110000-0x00000000001C6000-memory.dmp

            Filesize

            728KB

            Download

          • memory/3556-1-0x00007FFDA6C70000-0x00007FFDA7731000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/3556-2-0x000000001BC30000-0x000000001BC40000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3556-3-0x000000001BC40000-0x000000001BC5A000-memory.dmp

            Filesize

            104KB

            Download

          • memory/3556-4-0x00007FFDA6C70000-0x00007FFDA7731000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/3556-6-0x000000001BFD0000-0x000000001BFE0000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3556-5-0x000000001BC60000-0x000000001BC72000-memory.dmp

            Filesize

            72KB

            Download

          • memory/3556-7-0x000000001E630000-0x000000001E6B4000-memory.dmp

            Filesize

            528KB

            Download

          • memory/3556-10-0x00007FFDA6C70000-0x00007FFDA7731000-memory.dmp

            Filesize

            10.8MB

            Download