Analysis
-
max time kernel
144s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15-03-2024 03:59
General
-
Target
f1e6815d23cc4fcaf707a81c991a7a59.exe
-
Size
443KB
-
MD5
f1e6815d23cc4fcaf707a81c991a7a59
-
SHA1
39f73f0685e2fb4ba64ba486148e757465c774b2
-
SHA256
bcaf9a08b990741acc1a728da624e76abc21fbf01c2cf65ed2723f85b8de8b4f
-
SHA512
8b361a9ff64694e28e9974d58ed0e05763230fbd4f7ba171c6b7b642bf117d60cbe27b56b4709e631062840cc2ee99e6a85118445094669f4c86d4e603d37e0c
-
SSDEEP
12288:Wq4w/ekieZgU6rtqMNHgU7o1PW3IqdlMa:Wq4w/ekieH6THd9dP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe"C:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\31FD.tmp"C:\Users\Admin\AppData\Local\Temp\31FD.tmp" --helpC:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe 96DE3DDBC22757921800BF99F99402DC703D2EF90F48F954131A663E69C01C225B1E91D8076EC25F0859AE786CA58219F0D9387B44A1BED595C6607D24ABFAEF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD53816ebcfae3c08ba46c4e2af41f7375c
SHA185cb779b55b261279002afaa2a5b32a5df7e4187
SHA256b6d23e0906bce9faa8b8e3f4e8a5340140b2ebe6496dd3a16b8f9eca021ea7a6
SHA512219245942cb5624c2e487ae8c0ef7c399e3fc7f4ace49e2fc7d02a466350205328488826867b5ae13548fa0172a36b24381ecee922322f9afef12e37b3d07217