Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
21/02/2024, 04:25
General
-
Target
b916dbf4c1ab40b6def075bfcb123fa5.exe
-
Size
428KB
-
MD5
b916dbf4c1ab40b6def075bfcb123fa5
-
SHA1
61ce12d729e8a30f0155c61209d8633182d9164c
-
SHA256
4d764f4a9aeeb974560d0fe4b5c91564b3ed3d4931697bc8061211c2da7434d3
-
SHA512
50aa49c563a0e97b219f6f141a2d0b6facd33df993165b734b5e1e8c79829fb532a4de2b002cc13761a223591c1ca86aede0139456da495188a10f4ee814b923
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFV9IR19BtpcQ+JAewV4GdhyTh+W5PyqHR:gZLolhNVyE89o9NcQzewCEC+WwqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe"C:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\1333.tmp"C:\Users\Admin\AppData\Local\Temp\1333.tmp" --pingC:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe AA2DDFBD0E39DF65700DE12E1BF428D45D7EA9C38572C6348E7549D7E0645F2CDD974458E2F7303DCB2C2FA57DAE13FFD18F99B60C68F5545A925BAC246F71052⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5cfc45e4824237ed3fc272a5fd0ff7412
SHA1dae451ac6a4da80d89741f1d5fa658a853e135d3
SHA256b0b1fc776f645f9894231141110cb715d3fe1b3e96b41cd6dfab0d554c00a967
SHA5123893e44fbc004bfaa320fba867e01a831a2cf6c81b070fe38933621b07875703fad95f9766796110fe8f56de2f64448a5ea27ad3a9e7c4d0f2ee9651d021eb6c