Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
29/03/2024, 03:14
General
-
Target
b4c84509813795a742fa61ecab34532d.exe
-
Size
479KB
-
MD5
b4c84509813795a742fa61ecab34532d
-
SHA1
75b211ae33acd870e2813cd602d776ad4e75f72b
-
SHA256
7f7a6e7a7c45ca2f3b597686ad061cad9b1efa5ab1056c1e31c4c8aa8025c81d
-
SHA512
3c4d9722b8e098489b22da1dba217c9ba99fbd3435bb115315cc6ca8ed4f5d17f26272fb9f7a0d7e5b74a621b7a599c1179b986512dccd08975661189e2dd720
-
SSDEEP
12288:bO4rfItL8HAHoLy9NK9tDhBGMrNo7VMrkP75UO:bO4rQtGAl9NK9BbrNTrkPVUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b4c84509813795a742fa61ecab34532d.exe"C:\Users\Admin\AppData\Local\Temp\b4c84509813795a742fa61ecab34532d.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\624C.tmp"C:\Users\Admin\AppData\Local\Temp\624C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\b4c84509813795a742fa61ecab34532d.exe 1FB2C6F679A682D1BA9A0AD526913DEF7E468617DDBBE1C034FF2D21F13AFE3F549096322205636CA069164CE9A3B0AF1DD6D9396716D24DD8387A5E92A099262⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD5fac35d8b5299afbee943247dcbfe11db
SHA1240a429ebe8051310300389737977ad0c81a432b
SHA2567a6a9166ce790c39a90b25bf4ec9584c1201d72b96bfe3140ce6cb9450cbdb4e
SHA51237ec292f49c6286638067aa159bd8d2f219b75104c391267daf84f584b28bdd00670b11cea2591c2a01e3349c7735e9d851150f96221b9c614829db8ce8f0110