Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    19/03/2024, 22:17

General

  • Target

    89c3fc207e5923404f97538083e3a4ce30bad3e1ed2234c02f4a101c530de8e8.exe

  • Size

    79KB

  • MD5

    5e42ccd5e8e30172f099de9fedddafd2

  • SHA1

    5c9664012440ba8e83673bdc875e3c9d8159c7d8

  • SHA256

    89c3fc207e5923404f97538083e3a4ce30bad3e1ed2234c02f4a101c530de8e8

  • SHA512

    1e80a7face5e8c660e3c3dbb7375d61b558fec568bd01e8823c480376ecf600e4d7c6ed4a5fad89c8fe7f74b203c024986ce7cb49ce21bb8be63724e31e7ae85

  • SSDEEP

    1536:zvrQMaIbTWazYa9OQA8AkqUhMb2nuy5wgIP0CSJ+5ykmB8GMGlZ5G:zvrbHbTDMakGdqU7uy5w9WMyzN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\89c3fc207e5923404f97538083e3a4ce30bad3e1ed2234c02f4a101c530de8e8.exe
    "C:\Users\Admin\AppData\Local\Temp\89c3fc207e5923404f97538083e3a4ce30bad3e1ed2234c02f4a101c530de8e8.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1284

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    3441d2f2824104f06e15765ebe21eee3

    SHA1

    3134351178ec741c99d9cd01f3afa38aad025490

    SHA256

    d7deded77430000f4aff2ee57b29d92a491f9552cffaf1044b5e9479527c8787

    SHA512

    cf1b1a2662990198c3e991f6e986fed47a4db32c91eae2b725632cf53e1a10f48b9706b9df30aaf8d2932226beeff22ba4dd38b3c3c8d2c07cd058822b607526

  • memory/112-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/1284-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB