Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
07-03-2024 02:44
General
-
Target
9864b0205f8df10337c37eb1d8a32a9e.exe
-
Size
435KB
-
MD5
9864b0205f8df10337c37eb1d8a32a9e
-
SHA1
3a35c06912113e9acde4d5480456f239e1a8b5bd
-
SHA256
4e764dd15da5554b7ed05f0cdbbcc9e7a90183c52b7c89e9c8445a0e4761031a
-
SHA512
1b346bd2f9a4e8d34baf1d914c368f26aa750262ca71879f82c45de637d2ec93bb3cdae5c0807d3a21e2e309623ba848aa37dbcf35719ef38fe7d5ab78455c25
-
SSDEEP
6144:fJvyW4ojUnQjx4qePix+qXQjBYWOHdObBk+KRQNamlqUe129le6N29lfw9J:fd4x+ePixnXQjyHdOTKRQHmQl34wP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe"C:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6774.tmp"C:\Users\Admin\AppData\Local\Temp\6774.tmp" --helpC:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe 60D25BA34CB7B275C1AB957EBD7E058272E2E68F12561CB1907D138413849154A198BDA3362C50E2B0BCD8889C1893D5844C6DBB93890BCB6724CCCD157367642⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
435KB
MD56a6e6b35ae633dfc9936f1e8af7ad678
SHA169013e9c6b60a2447b20d99b6effd3ab0547bef0
SHA25674837eaab319294f0a225f3e809b6311b5ba58ee5fc54e5e5712e074a5ed99a8
SHA51264483dba2187df05d13a62017c8437d1f4b386ec8ccad61c7fcc43f173f4d56a624a9fc24b40a47242ffeeaf1f920c5a03b48dd7a4e8b7e901557e88a30d38ef