0b61251d7c466ab33930cae10ffe55752a14d35dab323fff0f543709caa4486f | Triage

Resubmissions

10-04-2024 13:13

240410-qgefksgh59 10

10-04-2024 13:09

240410-qd3c8sbh6v 10

Analysis

max time kernel
143s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10-04-2024 13:09

Sharing

Report Analysis Logs

General

Target

stage2.exe
Size

1.0MB
MD5

aa7152c5039f0331c80ff63ab9b56c11
SHA1

b20adcd1bb5080924f50396ae8d140936348e5b3
SHA256

0b61251d7c466ab33930cae10ffe55752a14d35dab323fff0f543709caa4486f
SHA512

c85d85f4fc0fe0345885b1ef57c54b0a726854c5ee4879fde8a4b22c96c4c309e397a2c701ce2c1e87897f5e5211f3781aa4c7354a5c0a6e0ddbfd815677e2c6
SSDEEP

1536:ZRe88iq2vZOX3Eszsbt4txy3pWRUj/8IzsZp1mLhcsm9Q0C:eilvQX3EsgpowpWOb6pkLc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

stage2.exe

pid process

1896 stage2.exe
1896 stage2.exe

C:\Users\Admin\AppData\Local\Temp\stage2.exe
"C:\Users\Admin\AppData\Local\Temp\stage2.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...