Analysis
-
max time kernel
93s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 04:00
General
-
Target
d82c1e8899695b1aab7e38377b0fc4ad.exe
-
Size
486KB
-
MD5
d82c1e8899695b1aab7e38377b0fc4ad
-
SHA1
f27791db68b5f6b8485f61bfd25f0f93c31e67cc
-
SHA256
55c5a3a07376a83a5b224730b52fe48d1a823fe5c8f14b4974df3e9ac60aa2e4
-
SHA512
578938b851b3883c126c11ff48e603a7d2a1dec7525fdcad34186707739ca439487e9d7bcb472024b2678777d57de6273c5cb5264c6abba2df05fc4f74c5ab6f
-
SSDEEP
12288:3O4rfItL8HPw6iv6Q/CK+vpss5vQNO9goFrne7rKxUYXhW:3O4rQtGPNK+BjIM9Ne3KxUYXhW
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe"C:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\33E1.tmp"C:\Users\Admin\AppData\Local\Temp\33E1.tmp" --helpC:\Users\Admin\AppData\Local\Temp\d82c1e8899695b1aab7e38377b0fc4ad.exe D108C09C841C5074EC1020C52A3B29797E13BC3D2198DD7A8311C2CFE75CD5F13E6D3AACB9185F8BA8548DF1943B90CB6C56153E7524691AA66E8E4C4D0FC56E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
486KB
MD555cca67fdf9bcb83c99bb5a73b50473e
SHA1c291c93948d092021f567d44705704664dd81b6d
SHA2562a0b2da7ed1ff6ee8f76e0de715f39d3e6bb7023907d5582bb0d18814357529d
SHA5127d072fa233a1c111a2b235fce74550f44ed37241d8389b0f1a4f9779f29ba8f4d51870d93fad12b1930918774c111c223385fc2e634b601d3740cb03c6014d40