bacf009632a3029bb75721a4de318e47dee953bb782b286d1241f0cf54b3cfe2 | Triage

Analysis

max time kernel
1559s
max time network
1565s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28-02-2024 21:47

Sharing

Report Analysis Logs

General

Target

ursa-cli.exe
Size

3.1MB
MD5

af76c9416034c270635f71283dbbeb7a
SHA1

e17e472918af36aa54df52827290c4a8998d76ac
SHA256

fde204f8814a46577b3b72beac84fe816e4efd0e510ee49a8ef31f005f8a1732
SHA512

59347d89de9ff78eaa626b753f07b656373d43491044e5c123f968720c4906b89f5a3df8997faa112aad1256d4f17de733611ce76ec98c7824ac9f8866e266c0
SSDEEP

49152:Ag5MOTtDaSZ4k+XPWJThamE9Onzd1qmpF7+9CmVPe86zhcZyc6gUo6ZGHBkYZbNP:5dBaSHSPccOr/fR+ozO4

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2908	ursa-cli.exe

C:\Users\Admin\AppData\Local\Temp\ursa-cli.exe
"C:\Users\Admin\AppData\Local\Temp\ursa-cli.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2908-0-0x0000000000880000-0x0000000000BA4000-memory.dmp

Filesize
3.1MB

Download