Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
11-05-2024 16:28
General
-
Target
BrickHillSetup.exe
-
Size
1.6MB
-
MD5
085c248832ef03881059faec18eae7ff
-
SHA1
8477892aadc283f5d000b2c36e4c44c370f59727
-
SHA256
d755331262471b1c5fb7c47ad5e0e5129f8c103f3e5df06120b3f8db61c31aae
-
SHA512
80d3327168c4597554f441cf29360d9ae982bd36afa7e6409c6e2b779eddc7a522f2bdcd190a82517fb445bf7714377f30a79c2cedea168f19139d82cc94c43f
-
SSDEEP
24576:u4nXubIQGyxbPV0db26ifZbRQKiFDhbGh3+shiy/wxwWIFgi5LPxf0XE:uqe3f60oKil5QhiyPbFT9eE
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\BrickHillSetup.exe"C:\Users\Admin\AppData\Local\Temp\BrickHillSetup.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-520N1.tmp\BrickHillSetup.tmp"C:\Users\Admin\AppData\Local\Temp\is-520N1.tmp\BrickHillSetup.tmp" /SL5="$501CC,810935,780288,C:\Users\Admin\AppData\Local\Temp\BrickHillSetup.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\is-520N1.tmp\BrickHillSetup.tmpFilesize
3.0MB
MD57e06750376491b308c2a6e35eca13b1b
SHA136ae9cc7ac76bc97288ff1c36c4aef9cbb8b1e47
SHA256628a8a5e02456d23de8dec3a952f9e0ae3c464aa4a2ef884242e4486920828ac
SHA512a77e1d2917a5e77abb25732b056da980107550eb1e801c02f71db6c6941690fc20a4ee52700205d5c1d7f8a981b2b13c7fd6b79b582eeb1ce5f9c97f7e0ffea0
-
memory/3892-0-0x0000000000400000-0x00000000004CC000-memory.dmpFilesize
816KB
-
memory/3892-2-0x0000000000401000-0x00000000004B7000-memory.dmpFilesize
728KB
-
memory/3892-8-0x0000000000400000-0x00000000004CC000-memory.dmpFilesize
816KB
-
memory/4668-6-0x0000000000400000-0x0000000000705000-memory.dmpFilesize
3.0MB
-
memory/4668-9-0x0000000000400000-0x0000000000705000-memory.dmpFilesize
3.0MB