Analysis
-
max time kernel
147s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10/04/2024, 10:57
General
-
Target
512c11137fceb5cde732daf66a94bfc205fd0396af0a5b2801d3e258d7ac70f6.exe
-
Size
12KB
-
MD5
d1278352aaf38d01cb86d438d9a6f9f0
-
SHA1
c37d0318184869258c9d211795a8d6629ca18367
-
SHA256
512c11137fceb5cde732daf66a94bfc205fd0396af0a5b2801d3e258d7ac70f6
-
SHA512
9ba4595a752f25435980dbe677993e49c8569d5e7e52f78b5b04312dc7487e8d92d10dcaa434baebfddfa73473cb7b98cf3e58737586e37721160882645277c3
-
SSDEEP
192:W/jOPyJY55MJh/4ZgLkpg2pq1P707Da2xNfI9fctrb5G555jbcQ26YS295P1oynn:W/2H55Uh/4Ckrq1PQ7lxNUctrbA555jL
Score
6/10
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Runs .reg file with regedit 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\512c11137fceb5cde732daf66a94bfc205fd0396af0a5b2801d3e258d7ac70f6.exe"C:\Users\Admin\AppData\Local\Temp\512c11137fceb5cde732daf66a94bfc205fd0396af0a5b2801d3e258d7ac70f6.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regedit.exeregedit.exe /s C:\Users\Admin\AppData\Local\Temp\~dfds3.reg2⤵
- Adds Run key to start application
- Runs .reg file with regedit
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
121B
MD52146b6a0718fd528c87833958f57adc4
SHA1e25dc399db6f121c34ae10d5d4cdecf016c23827
SHA256c7ec77d059b647cf99164ce42f807fc7db82e312776b15853597cd94d1a2ff45
SHA5125f6f082dcb529014cfb954a3da10d2b388fefc2a5d1409d7badcdc21b18b528f9a59c85be83f673dea3d90b47f794f090aca4a0c415c4845f95f0768aa4714c0