Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/03/2024, 09:40

General

  • Target

    c30b0bbad81350632d4c1f159834d999.exe

  • Size

    402KB

  • MD5

    c30b0bbad81350632d4c1f159834d999

  • SHA1

    ce059ee391aa495a203a7570cd3c3e300068dfdb

  • SHA256

    0fb699b995c7844be905bde197f7ba9da846861a5030b1bbf15bf5a5cc9c460b

  • SHA512

    99e56d2d052c7e85d384ab81320695a8f2fad9e2c2e447f18a0db4bc9008e16c2967037cc9901136eb53c7b69ab7a7875a129b664a7444bff18fb87564ea31f6

  • SSDEEP

    12288:SfX25krtcNSYIgM2qmkllWvxgRs0QYm8LKt8832BZb0cTpcttI8X3vGs9ctM:SfX25krtcNSYIgMpu70kaK13SNX9it39

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c30b0bbad81350632d4c1f159834d999.exe
    "C:\Users\Admin\AppData\Local\Temp\c30b0bbad81350632d4c1f159834d999.exe"
    1⤵
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of WriteProcessMemory
    PID:3700
    • C:\Users\Admin\AppData\Local\Temp\c30b0bbad81350632d4c1f159834d999.exe
      "C:\Users\Admin\AppData\Local\Temp\c30b0bbad81350632d4c1f159834d999.exe"
      2⤵
        PID:220

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/3700-1-0x0000000001200000-0x0000000001300000-memory.dmp

            Filesize

            1024KB

          • memory/3700-2-0x0000000001390000-0x0000000001392000-memory.dmp

            Filesize

            8KB