Resubmissions

25-03-2024 11:00

240325-m3yvkagg8y 5

25-03-2024 10:58

240325-m24z7adg45 5

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25-03-2024 11:00

General

  • Target

    вирус_v2.0.exe

  • Size

    155KB

  • MD5

    cd564358f2933adb4259afb672f19911

  • SHA1

    a86753eeb0339f625148b76e4a7fe2f85a8858cc

  • SHA256

    dbc8b3f55307575516d50e820affb2f8f623a9ebc9844fbc4d1e4c8cdef8ff1e

  • SHA512

    b74f61a6e599fe37607b71c1979159773f63045a916c30154f06b73150b763e1332c040457dd722dc881978492f50cbd29e8d003cacff80cb06966d4a785a0cb

  • SSDEEP

    3072:raFfHgTWmCRkGbKGLeNTBfT16FY24wR+UIDBLCZ/F:W5aWbksiNTBL1sl

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\вирус_v2.0.exe
    "C:\Users\Admin\AppData\Local\Temp\вирус_v2.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:320
    • C:\Windows\system32\cmd.exe
      "C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\3BF0.tmp\3BF1.tmp\3BF2.bat C:\Users\Admin\AppData\Local\Temp\вирус_v2.0.exe"
      2⤵
        PID:4016

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\3BF0.tmp\3BF1.tmp\3BF2.bat

      Filesize

      246B

      MD5

      bdbebba28b6b37e48a6e0a0baa3837cd

      SHA1

      4bb511e888997be7ebac0b5d8ff1f90be6141843

      SHA256

      4c30117451d4e1a235f30a6a3d0ff654fd179caaca0edb3e20f7aafedc22df12

      SHA512

      422f6af590fae3c50d4259a52d025e603229e741d7be93a13573ab64a747a3199658400888e972e0255566afc2d721c335041cca05b4142d46630540867b875d