Analysis
-
max time kernel
156s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
13/03/2024, 01:56
General
-
Target
961a05a2998d135247a3075c17441170.exe
-
Size
414KB
-
MD5
961a05a2998d135247a3075c17441170
-
SHA1
c5550e34b6ce5c6d66ab408eca99ef61dce9e9b4
-
SHA256
2a740d48fd85e72faabfe474c207c75e63d811ceefe75fcf661b655e3855b511
-
SHA512
d80b7e67126044def9bcfb511122092cff103cb47f5cda13e9d2d8382a9f8c8cbd98670163b3f50038215ea75a31304276cd1e38ee6c60df46f6ddf36f374214
-
SSDEEP
6144:Wucyz4obQmKkWb6ekie+ogU6BYLxOtYyr2NP5+8YpIpwQ0QNcESXl:Wq4w/ekieZgU6OOiyr2N0fpSNcEQl
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\961a05a2998d135247a3075c17441170.exe"C:\Users\Admin\AppData\Local\Temp\961a05a2998d135247a3075c17441170.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\9A7B.tmp"C:\Users\Admin\AppData\Local\Temp\9A7B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\961a05a2998d135247a3075c17441170.exe 5DE3E621797526C1DC9E48410B8F41021312B95F6EB6605AA39C4B2007DC20ADCA19AE554AC30A9C35380E60FFD6B91F20EA27D42C5BB89F45078721BC0A5B562⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
414KB
MD5c7d7b23f31338addd5afbc0d50e080b3
SHA143d5cde4dbcf0ad3e7867b0a683e7dd271cdf5d0
SHA25634cd5e6734745f45864e55848c7f5df9e830d2b7b35ba556a181433ae764a3e3
SHA5126c3af6f2f5edc1ce74b6f397ea8d316a61b01088215a3919395f81ac00e8e90fbf1fbab604f562651e83eb5f520917dd5753d500954628735c69289ffdeca579