Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 01:08
General
-
Target
158775456cdce344eb16d58c936ad474.exe
-
Size
412KB
-
MD5
158775456cdce344eb16d58c936ad474
-
SHA1
dd45a92eac4ea52c6dd328fc175816953b5b6c29
-
SHA256
68f97e984b03f389fd5f13b69d27b6ff3f7d416f03f16867acd633aa66ec376e
-
SHA512
b61135afafd0826d4e1146f3ccece179139307fbd63fc0b42ce590860c881201eddc799cfe19c05590dcecb238f04ae8df9c2174edd2526c9157d9fa95eddbe2
-
SSDEEP
6144:UooTAQjKG3wDGAeIc9kphIoDZnSRnFpHptBPRvCXMvVeot7DIIm/qIOqjzwxkP:U6PCrIc9kph5yz3qXRP/qInnEk
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\158775456cdce344eb16d58c936ad474.exe"C:\Users\Admin\AppData\Local\Temp\158775456cdce344eb16d58c936ad474.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3B2C.tmp"C:\Users\Admin\AppData\Local\Temp\3B2C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\158775456cdce344eb16d58c936ad474.exe 23635C7F837E5CD23DE591C2762944A563F0B058DA71E1785BD6FF62ADF362D1202161E7B13F0684376B14244A29D8377EB655719867F7407EFAF024742C45C52⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5a1fa15b882df3f8bb5dbef41ecf8f14d
SHA1425bf604a2e47b5ebd80d60efbcef9ba84ba7589
SHA256918136e1af80cec220ea9b44a3287f72c099daebcedcb138f0fdcd96a0a83e4f
SHA512c2cdb56017f7f7182f621a8c6b25cb9dcebf7b431c4f0290601b1c0ec23f4c7e073812c9fd9dd8a46ac8323e2c4755ed58915675b6105e558f4df8c26defe78d