28216f94328e942434bc24d7af60ce691f46f2ac5f1381d6ac093d32e65489a5 | Triage

Resubmissions

16-03-2024 17:14

240316-vsg33ahc39 7

16-03-2024 17:12

240316-vqyb9shb94 10

16-03-2024 15:47

240316-s8g2wsea5y 10

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16-03-2024 15:47

Sharing

Report Analysis Logs

General

Target

PCToaster.exe
Size

411KB
MD5

04251a49a240dbf60975ac262fc6aeb7
SHA1

e211ca63af2ab85ffab1e5fbbdf28a4ef8f77de0
SHA256

85a58aa96dccd94316a34608ba996656a22c8158d5156b6e454d9d69e6ff38c3
SHA512

3422a231e1dadb68d3567a99d46791392ecf5883fd3bbc2cae19a595364dac46e4b2712db70b61b488937d906413d39411554034ffd3058389700a93c17568d2
SSDEEP

3072:quJFS5Aqu+WwjxeI/0gVnfKl0FA+aPobO24yNz88iu8vDYHTlI5EJD5Hbibfd6PK:/JM0mCsWq1/qpz+nF5c

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1964 wrote to memory of 1044	1964	PCToaster.exe	28
PID 1964 wrote to memory of 1044	1964	PCToaster.exe	28
PID 1964 wrote to memory of 1044	1964	PCToaster.exe	28
PID 1964 wrote to memory of 1044	1964	PCToaster.exe	28

C:\Users\Admin\AppData\Local\Temp\PCToaster.exe
"C:\Users\Admin\AppData\Local\Temp\PCToaster.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1964
- C:\Program Files\Java\jre7\bin\javaw.exe
  "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\PCToaster.exe"
  2⤵
  PID:1044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1044-8-0x00000000025B0000-0x00000000055B0000-memory.dmp

Filesize
48.0MB

Download
memory/1044-11-0x0000000001B60000-0x0000000001B61000-memory.dmp

Filesize
4KB

Download
memory/1044-13-0x0000000001B60000-0x0000000001B61000-memory.dmp

Filesize
4KB

Download
memory/1964-0-0x0000000000400000-0x000000000046E000-memory.dmp

Filesize
440KB

Download