Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13/02/2024, 04:19
General
-
Target
9875cba5390d0aa5d92b3719a0d7754c.exe
-
Size
807KB
-
MD5
9875cba5390d0aa5d92b3719a0d7754c
-
SHA1
7953d8c713ee7f212383f9995d078bf47b379fb1
-
SHA256
3d9a9414c40684d4d7d85b17e7a7e75164a0376b436e6d9d18a128d2f09dc4d2
-
SHA512
31ce379c0209f5fcefa12ac8535c3bc4081fb4e2cc9aaa12acf65f35a30d3b8be3ac942e52ad169e332f01250872f51ce2f6b4547f44306a04874103c9e62eed
-
SSDEEP
12288:Ng1k7vHz6TTrzPxVoWvVY4jDWrwL2bzqS6ZSDnJBQl7DsV75j/jhOpi:qMcXzIyWsL2bzB6ZSDIl7Ds/rj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9875cba5390d0aa5d92b3719a0d7754c.exe"C:\Users\Admin\AppData\Local\Temp\9875cba5390d0aa5d92b3719a0d7754c.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9875cba5390d0aa5d92b3719a0d7754c64.exe"C:\Users\Admin\AppData\Local\Temp\9875cba5390d0aa5d92b3719a0d7754c64.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
668KB
MD58a8a246d274ae2e82a71ee64d1d5275f
SHA113bd0f93c2f4d84d36bb944ad83b55a625bfd85e
SHA2560de494ef1e39dc2a2c2f548f7967075fe912608ccc0c1b94eaedd5e926df2721
SHA51257ab0d2c3731d3fe3b77ddddaa31cbe8e9d08e730f58d00d3541f70b63a37b718e7dcc0dfaf316df28fe8d903940f74e54d262598d86487672677fada05d9b9b