Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
24-02-2024 04:00
General
-
Target
d82c1e8899695b1aab7e38377b0fc4ad.exe
-
Size
486KB
-
MD5
d82c1e8899695b1aab7e38377b0fc4ad
-
SHA1
f27791db68b5f6b8485f61bfd25f0f93c31e67cc
-
SHA256
55c5a3a07376a83a5b224730b52fe48d1a823fe5c8f14b4974df3e9ac60aa2e4
-
SHA512
578938b851b3883c126c11ff48e603a7d2a1dec7525fdcad34186707739ca439487e9d7bcb472024b2678777d57de6273c5cb5264c6abba2df05fc4f74c5ab6f
-
SSDEEP
12288:3O4rfItL8HPw6iv6Q/CK+vpss5vQNO9goFrne7rKxUYXhW:3O4rQtGPNK+BjIM9Ne3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe"C:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\D0B.tmp"C:\Users\Admin\AppData\Local\Temp\D0B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe 7EAB5011F74D6F63BE9BC0176AE72AD31E76ECE3766D25E9A6B1DC60A84BE0D14F749F14CAB150ADC4C27CA3BEDEFB047EC3FA5BCC4F9450CFD3EF1D9C3819EC2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD5b9ec423ceb567317f1267e94c7bb30db
SHA185e65edac0d6f363f63e40dc52d56d9ff541ba6c
SHA256f2941f8259a6990961871965c24ec62f7359466f91ae00a68aafe6fccfca0e84
SHA512a8841d7f3582f981969fcfa12e9ce61d657bc8033839b9a8b958dca1d2c871598c5aa66e2f6e000942a1fd5defd87e9f540bfa181f54bce7b4c3ac8923a5ccfa