Analysis
-
max time kernel
143s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
21/02/2024, 04:25
General
-
Target
b916dbf4c1ab40b6def075bfcb123fa5.exe
-
Size
428KB
-
MD5
b916dbf4c1ab40b6def075bfcb123fa5
-
SHA1
61ce12d729e8a30f0155c61209d8633182d9164c
-
SHA256
4d764f4a9aeeb974560d0fe4b5c91564b3ed3d4931697bc8061211c2da7434d3
-
SHA512
50aa49c563a0e97b219f6f141a2d0b6facd33df993165b734b5e1e8c79829fb532a4de2b002cc13761a223591c1ca86aede0139456da495188a10f4ee814b923
-
SSDEEP
6144:gVdvczEb7GUOpYWhNVynE/mFV9IR19BtpcQ+JAewV4GdhyTh+W5PyqHR:gZLolhNVyE89o9NcQzewCEC+WwqHR
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe"C:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7D7D.tmp"C:\Users\Admin\AppData\Local\Temp\7D7D.tmp" --pingC:\Users\Admin\AppData\Local\Temp\b916dbf4c1ab40b6def075bfcb123fa5.exe 8F5D7F50F75E4E846AD21EB789BE814696DFCAE7C3FD7CF7A60DB4F3D0FF8424E173B0346D08DFAC27E601EE1F787DE18CC1BECB2FF5F27E209FE67F244F44F72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5f514bbf9eb52953717ac2c369f2c431e
SHA10520f2f3574315458b235d2697fc610e4bc45e58
SHA256487a63d48a2ca2240565fe59b5abbd053d1a6960ecc211417eeb4d29da194b79
SHA51244f7b412581a9cc24df9ea57f309ce19ff75082a6040bf61361b8d3539d8e26e5351a28d0c3776b0a7aac6957384cd6678d4f15bf4ff9cf6fc8e9bf24f27cb2a