Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
30/04/2024, 16:07
General
-
Target
3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5.exe
-
Size
22.1MB
-
MD5
f453e543fe7eb5d71b420ee0842b253a
-
SHA1
395b0722c9ac6b8d9e5642cf4aa0506bd5b5311a
-
SHA256
3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5
-
SHA512
055fbde6a2c2bae5b3b896d31845bf7a41d9a593d85f34f7672028f3e88e38d016043f06f745daafff407687fd30c36769e2a94d65bd4571a243e652933fcb90
-
SSDEEP
393216:XEkBOL3/pyDp5nSNPG7NmiZoUW+eGQRZMTozGxu8C0ibfz6eIau5qW80hoA/g7Z5:XU4DpRoKEANW+e5RsoztZ026eW5qW80g
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5.exe"C:\Users\Admin\AppData\Local\Temp\3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5.exe"C:\Users\Admin\AppData\Local\Temp\3f943f8381e471884ad0d8b43ca80ae6eefacd67b6ffdfa2fff0c69a3c0496e5.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.7MB
MD548ebfefa21b480a9b0dbfc3364e1d066
SHA1b44a3a9b8c585b30897ddc2e4249dfcfd07b700a
SHA2560cc4e557972488eb99ea4aeb3d29f3ade974ef3bcd47c211911489a189a0b6f2
SHA5124e6194f1c55b82ee41743b35d749f5d92a955b219decacf9f1396d983e0f92ae02089c7f84a2b8296a3062afa3f9c220da9b7cd9ed01b3315ea4a953b4ecc6ce