Analysis
max time kernel: 15s
max time network: 17s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 10/05/2024, 18:57
Behavioral task
behavioral1
Sample
main.exe
Resource
win7-20240221-en
3 signatures
150 seconds
General
Target: main.exe
Size: 14.1MB
MD5: 96cdf9111649e40701b90e064e4917c9
SHA1: 98cf41e395e67696b9610a3526a68abd86dc909e
SHA256: 2d5d333b432a189db7122e9b2c209c2144bc62f0a3d74e41d24a2f7a71709481
SHA512: 154b6978254cf43c1aa83b895727854ad90aa819f1989a45d0e56809695b12991048b98df6ad85222b086e26efaf6d7327eefd3661f4f1787e5c6f9918e83d20
SSDEEP: 393216:8V99Q1dZHaY285L1V8d+BtU1fNlv/pYZH3gJs/Htrt:i99Q1dxadcRJUJ3v/qH3nrt
Score
7/10
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid | Process
2984 | main.exe
resource | yara_rule
behavioral1/files/0x00050000000194ad-92.dat | upx
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 756 wrote to memory of 2984 | 756 | main.exe | 28
PID 756 wrote to memory of 2984 | 756 | main.exe | 28
PID 756 wrote to memory of 2984 | 756 | main.exe | 28
Downloads
Filesize: 1.5MB
MD5: 3d7de1ca1182f7d64079531afadbe8bb
SHA1: 48948069e4ee7869113144e02cc8f1a0fc939753
SHA256: 5eab9f12ad11850eafa3490a615940d819a9688b405cbfe083a3ab08605bd71d
SHA512: 8d495e3473a56e90fd58102d7c02654dba988932b8e6a0e87f8f5f2f162dbeef2e9eac96b1ac125977f06ca7c585e1a3358643502bd655e0cf1d38876dcc3dad