Analysis
-
max time kernel
139s -
max time network
102s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
03-05-2024 04:13
General
-
Target
dc166f70908875eeeb4fd19f22c248da486e0c4ff8fa21e455f3a653062acbc7.exe
-
Size
752KB
-
MD5
8b284019623fbbb4f3c3531f51d99163
-
SHA1
55158f83ee688ffc72c43f33fc83ec11f5c30c47
-
SHA256
dc166f70908875eeeb4fd19f22c248da486e0c4ff8fa21e455f3a653062acbc7
-
SHA512
535e31cee1c7e642c30e16e38331b4f638f6a7c8a4bad2258f159148c2d972d391e106f1738a14ff47e9f6a163fc8a9877d945a5e97624b55faeb1ee2626afce
-
SSDEEP
12288:9/kA8UXFh1pHI46A9jmP/uhu/yMS08CkntxYRKA9jmP/uhu/yMS08CkntxYR:9/kAFXFlbfmP/UDMS08Ckn3gmP/UDMSz
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 3 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\dc166f70908875eeeb4fd19f22c248da486e0c4ff8fa21e455f3a653062acbc7.exe"C:\Users\Admin\AppData\Local\Temp\dc166f70908875eeeb4fd19f22c248da486e0c4ff8fa21e455f3a653062acbc7.exe"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.execmd.exe /c C:\Users\Admin\AppData\Local\Temp\2⤵
-