Analysis
-
max time kernel
146s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
13-02-2024 04:23
General
-
Target
c66cc315d022bcab0243b224ac754bf1.exe
-
Size
433KB
-
MD5
c66cc315d022bcab0243b224ac754bf1
-
SHA1
beaeefe92df6828410ed861ff6d4d67b2fb5d26d
-
SHA256
6a307b88041641bc9ef04eb9a2db6dfb532c94de17c15744cdb57f08a69fd940
-
SHA512
f830cb524741e3315512b4f782b5464eb8d1fbf67c1d3481015c91827c9fa98dd1614a456890d15aa96d61c37105cafa469ce9d81f8f774a5c7a8726893181e2
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtviK1d+D34U/Jk2SFtEfpiQ0i7y4QRR4DLJoL:Ci4g+yU+0pAiv+T1d6ho67zpzkMYHn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe"C:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4DC2.tmp"C:\Users\Admin\AppData\Local\Temp\4DC2.tmp" --helpC:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe 1B102516C7245A10A7F529C8688BE83C593112ABEE05E76658980C6D9CB4E6FA37000B4E48C5D792499377FE1A11E729C2FA961424B95017FC6DA8E9331ED4E62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD52f72ebcf4b2291914d49cb17c8bb9384
SHA1f88bb67673018e9e7ae82a540655a9fa9892e3c4
SHA2561cd18b2e29c9932e5bd43f47e3a22f87023bf6441c95b7c8b5860bbfed09d12a
SHA512791ba0d92bf163e4fdb7f72245dff8776a59b6a6bc96ccd473492f66f2224db676f773d7cb85bd8298470328695445f1544db029bdaf6b9450d4419d9c0da465