Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
11/03/2024, 01:22
General
-
Target
700e0420f3ace133ff1b9e1ead9220b3.exe
-
Size
443KB
-
MD5
700e0420f3ace133ff1b9e1ead9220b3
-
SHA1
1d2f9580de2e495d55ff8085281d9faccbf93461
-
SHA256
f00b97e7b0fc14abbc00bbc7da15f8318667f0dcc012ae71e34d33b830bf737a
-
SHA512
464dd6963e39a10c898b33096ba9428463c285241cbc80a1a5a000605db54d175508e01bd18f2e045252410459fd6858c92873bac832030ca4b97dcff4230a78
-
SSDEEP
12288:Wq4w/ekieZgU6gOrMpZNrG+KuIzkTQBZxxJlMa:Wq4w/ekieH6HrnKIzkTwxnP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\700e0420f3ace133ff1b9e1ead9220b3.exe"C:\Users\Admin\AppData\Local\Temp\700e0420f3ace133ff1b9e1ead9220b3.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\324B.tmp"C:\Users\Admin\AppData\Local\Temp\324B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\700e0420f3ace133ff1b9e1ead9220b3.exe 48497F7E7A0EF2219890B439D8805DD26990E44870166AC109CA6A889854EF5476742B1416EF915FA41A1B1CF396CC8BFE6D37F1BAA1C4911BA27A63ED7A298B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD5acd857e17b49d3f2fefa658908f758a1
SHA1e70718e92b13f95d2d2491d4437d66c793dcddb0
SHA25680772de98cc46b0e96d629a15df79f5e1cd066990eef75eefca9092ce8e21be4
SHA51225119daaf561c38e28b7ac3bfdf2cd01a6bc68c2fcc70d1ee9f01591a6409fb3bf1af74b7016e4579a38c3ca72b1c66fe12c3c6e46d6a8d01d255a860250c3ba