Analysis
-
max time kernel
181s -
max time network
212s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10/04/2024, 12:50
General
-
Target
96693077bab7b230c1d5a8bdf85f7d4f42c2f0866b49d09f3e7f0d0d62a37d06.exe
-
Size
11KB
-
MD5
b0f6394fe20f36a1fa666a2dfa8e441b
-
SHA1
d5844d621ad737ed1f7fe0570233be16d5ef336e
-
SHA256
96693077bab7b230c1d5a8bdf85f7d4f42c2f0866b49d09f3e7f0d0d62a37d06
-
SHA512
e6c250f82e3b4cf06dda0d69a89e8cb29916678b5b1c73be3b1d095667725c84de03f4b329324ae5cb25b0f97f14ec3bd3ad0685bce42db0463de554cfe2ebf3
-
SSDEEP
192:Y/jOPyJY55MJh/4ZgLkpg2pq1P707Da2xNfI9fctrb5G555jbcQ26YS295P1oynp:Y/2H55Uh/4Ckrq1PQ7lxNUctrbA555jR
Score
6/10
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Runs .reg file with regedit 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\96693077bab7b230c1d5a8bdf85f7d4f42c2f0866b49d09f3e7f0d0d62a37d06.exe"C:\Users\Admin\AppData\Local\Temp\96693077bab7b230c1d5a8bdf85f7d4f42c2f0866b49d09f3e7f0d0d62a37d06.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regedit.exeregedit.exe /s C:\Users\Admin\AppData\Local\Temp\~dfds3.reg2⤵
- Adds Run key to start application
- Runs .reg file with regedit
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
121B
MD52146b6a0718fd528c87833958f57adc4
SHA1e25dc399db6f121c34ae10d5d4cdecf016c23827
SHA256c7ec77d059b647cf99164ce42f807fc7db82e312776b15853597cd94d1a2ff45
SHA5125f6f082dcb529014cfb954a3da10d2b388fefc2a5d1409d7badcdc21b18b528f9a59c85be83f673dea3d90b47f794f090aca4a0c415c4845f95f0768aa4714c0