Analysis
-
max time kernel
149s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
07/03/2024, 02:23
General
-
Target
7d7e430a09765d2e2196580e84b44f6e.exe
-
Size
433KB
-
MD5
7d7e430a09765d2e2196580e84b44f6e
-
SHA1
f21269595ad5792fc44e2300e338c1d74b6259cf
-
SHA256
4bff22f5f702bf8abb40266ac285affda4a54782eb705ed366e730755cf1fc4b
-
SHA512
ed45de1f37877f7a039430f6917378a66b811704db2eb846f8a92b7eaf4e3952c1ddffce6e1a317d3d7157ec20c098fc035d3a240ffaab133fadfcb36777e173
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvXOAWAxk3souUKXcaWkkeTSzw5zlR/cDC2xE:Ci4g+yU+0pAiv+QRsUHmiwdlRojYn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7d7e430a09765d2e2196580e84b44f6e.exe"C:\Users\Admin\AppData\Local\Temp\7d7e430a09765d2e2196580e84b44f6e.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\61B7.tmp"C:\Users\Admin\AppData\Local\Temp\61B7.tmp" --helpC:\Users\Admin\AppData\Local\Temp\7d7e430a09765d2e2196580e84b44f6e.exe 19E4CE92436EF9C9F3C13E611DBDFEA95309C1D2221183514026C3E3A3D42DA43DFBB2ED423E4505C997F2E09BF60C5548C1A821C46998504C42C7E297629B7F2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD5251ea7eca0c0ee4fc12d9ecd6663eaee
SHA16eb2aa2864bb506c964f1e05ccd6506be76f9d86
SHA25686538109fa04edbebb4c29177f0679b5ef23c733fada8891cf50fb78c6abe350
SHA5121d413e1495fd8e8a56359a739a7e8f9e17c0fdbab5e44e8a436dcd7e06a92e2cb629ad8eb0ec6b893e5eafe0f3993aec8b3fc26ec48a983fbfc3a0ed299e28a4