Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
10/05/2024, 16:04
Behavioral task
behavioral1
Sample
Resolver.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Resolver.exe
Resource
win10v2004-20240426-en
General
-
Target
Resolver.exe
-
Size
11.9MB
-
MD5
d385342c9669e08fd8c1e21760fac99e
-
SHA1
0beec1c3bc413f376b033e660a8a3a9b7dc77115
-
SHA256
03d353b5711ba8f6c9139fe2a8dc17710260cbc52818758083b22754526ff2fc
-
SHA512
517d16f94073ed9e58821f559ada27a9b970a4407ad014b03950aa58910f655b02c0399f2e5199c647724951a8d1e3765b8c2949f5ef22bf593add019bd7354f
-
SSDEEP
196608:lnRkU1/wbITLwOjUqVL2V76+D+nNgwQ+dtLI/1q3+dgSh7ki0W8/Lawr86r/BoLx:1KU1obI/fL2V76myNjyq3+d9h7SW8BrW
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid | Process
1980 | Resolver.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 2932 wrote to memory of 1980 | 2932 | Resolver.exe | 28
PID 2932 wrote to memory of 1980 | 2932 | Resolver.exe | 28
PID 2932 wrote to memory of 1980 | 2932 | Resolver.exe | 28
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
4.2MB
MD5
a1185bef38fdba5e3fe6a71f93a9d142
SHA1
e2b40f5e518ad000002b239a84c153fdc35df4eb
SHA256
8d0bec69554317ccf1796c505d749d5c9f3be74ccbfce1d9e4d5fe64a536ae9e
SHA512
cb9baea9b483b9153efe2f453d6ac0f0846b140e465d07244f651c946900bfcd768a6b4c0c335ecebb45810bf08b7324501ea22b40cc7061b2f2bb98ed7897f4