Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 00:05

General

  • Target

    8a38d0e9479ed87d91c25f4544e3d7383dac7a5b7037fcf1e7034e8213f8d50d.exe

  • Size

    79KB

  • MD5

    0b7ac70a44076f4f964c40cca567f76c

  • SHA1

    f5e5619a3b9e3513de8870437fa5e39e2e006309

  • SHA256

    8a38d0e9479ed87d91c25f4544e3d7383dac7a5b7037fcf1e7034e8213f8d50d

  • SHA512

    3bac75e92b4a291917db0bc4285271ad4e8e8903bc16cb6a8d877339674b616cc2a87eb75a60ea5e22165385d2311de8d3432a34af26485b7212b76548e46193

  • SSDEEP

    1536:zvOPgcj3ayKB3OQA8AkqUhMb2nuy5wgIP0CSJ+5yHB8GMGlZ5G:zv+eys+GdqU7uy5w9WMyHN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Loads dropped DLL (2 IoCs)
  • Suspicious use of WriteProcessMemory (8 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8a38d0e9479ed87d91c25f4544e3d7383dac7a5b7037fcf1e7034e8213f8d50d.exe
    "C:\Users\Admin\AppData\Local\Temp\8a38d0e9479ed87d91c25f4544e3d7383dac7a5b7037fcf1e7034e8213f8d50d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1664

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    704d14376ff72037e6d6bb15f73231ba

    SHA1

    ec981889603230fa848f91a09b92a96d87ba3d06

    SHA256

    3d828a91cda16247aca65f678d25ff6cc75fb240afce430977e33dc771b08ca5

    SHA512

    b07404857ab7948f482384223b6dd59df8348a0672b224e3cf6d2d560cf65f61cd60ba1493d31ad8b4fb0bbf9215bb3d12f7003c50230e95e82e8b8481bb00a8

  • memory/1664-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/1956-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB