Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-03-2024 23:32

General

  • Target

    Trojan/4mm psy/4mm psy.exe

  • Size

    6KB

  • MD5

    529ef7f53e3fd61c1cad2c7ecf8b1c6d

  • SHA1

    d67ef17f5389fa2e38f2acdf9f703be88b1773f7

  • SHA256

    aa761ff437cee15e503fd70fda87dbdd04329ac4614477cf4670babd6c2bee02

  • SHA512

    d996473bee9724bce5293c6bf711efa6a01f23aebdf60926a01bca44fa257eeb49935b4113ee9b65fbbc0d2754689009b9b03ebb4962426c53dabe9f3c2787b9

  • SSDEEP

    48:0Pzuz3/foXeYDjyaAYqMettsQSaJiTi8xLEcztPLb3b3vr5vEuu6P+65I6FPrSh:0P67TeuaABBDSyst9pvr51V+65vDs

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Trojan\4mm psy\4mm psy.exe
    "C:\Users\Admin\AppData\Local\Temp\Trojan\4mm psy\4mm psy.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1268
    • C:\Windows\SysWOW64\cmd.exe
      /c ""C:\Users\Admin\AppData\Local\Temp\259399835.bat" "
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2288
      • C:\Windows\SysWOW64\cscript.exe
        cscript [regtaskmgr.vbs]
        3⤵
          PID:2244

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\259399835.bat

      Filesize

      135B

      MD5

      826431d3df1879172a96555d7ba0aeef

      SHA1

      f56ff5d3c06f78f53884071d1357ba79ee85b96e

      SHA256

      e22b0b5185247a3ca52cb7cd6a271efced0d1d6e8910294f7131241f5d58b7ee

      SHA512

      e995b82e1716ab7f7ea8d810a441ce2b68e570c0e31386670e6c193a11131e5274747205a3245424b7d71b7b0745313bd522eff452b175c80425fbf5ef2bbc52

    • memory/1268-34-0x0000000000400000-0x0000000000407000-memory.dmp

      Filesize

      28KB

    • memory/2288-12-0x00000000004C0000-0x00000000004C1000-memory.dmp

      Filesize

      4KB