894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e

Analysis

max time kernel
90s
max time network
92s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
22-04-2024 04:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
Size

379KB
MD5

9790c399853d9ef03690418fb95b3558
SHA1

5ce690e25b22ee075b683fa60f7daa30633ca4d9
SHA256

894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e
SHA512

62f8b9bf8d77acfa85685c3ed9eadfafa2c146ceba720e63e140fd220bba2925b09938fbca7041ff7cf38cdfc83fe67c7d4af5261448c1796c5d7dce66e1b278
SSDEEP

6144:pPuhbc37AwINjRVzHuJoDj+d+kDc9+plyxPwCIOOc/7q1Nw:pcbeAlZRVgoDjI+Dulxm5zUi

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

Processes:

894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe

description	pid	process	target process
PID 3740 set thread context of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe

Suspicious use of WriteProcessMemory 9 IoCs

Processes:

894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe

description	pid	process	target process
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
PID 3740 wrote to memory of 4712	3740	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe	894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe

C:\Users\Admin\AppData\Local\Temp\894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
"C:\Users\Admin\AppData\Local\Temp\894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:3740
- C:\Users\Admin\AppData\Local\Temp\894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe
  "C:\Users\Admin\AppData\Local\Temp\894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e.exe"
  2⤵
  PID:4712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3740-1-0x00000000042A0000-0x00000000043A0000-memory.dmp

Filesize
1024KB

Download
memory/3740-2-0x0000000004720000-0x000000000476E000-memory.dmp

Filesize
312KB

Download
memory/4712-3-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/4712-5-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/4712-6-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/4712-7-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download