Analysis
-
max time kernel
149s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
25/05/2024, 00:55
General
-
Target
94492f66c65fb419be443fa68f793587612a845a3bcfed74ae0b2293af46d013.exe
-
Size
33KB
-
MD5
078254106ce646bde2182ff03b373a72
-
SHA1
aeb58bf0031d202a5ec76df74f52b5197423fa5e
-
SHA256
94492f66c65fb419be443fa68f793587612a845a3bcfed74ae0b2293af46d013
-
SHA512
b35ee15218e4610cdae879718ca757aaf3f97224e592e85f6af20f1a46780bae4fcb48888c23bd7740013ab26792beb166152833d80f9b37c8826fc0233bb32d
-
SSDEEP
768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNhg:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wY
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in Windows directory 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\94492f66c65fb419be443fa68f793587612a845a3bcfed74ae0b2293af46d013.exe"C:\Users\Admin\AppData\Local\Temp\94492f66c65fb419be443fa68f793587612a845a3bcfed74ae0b2293af46d013.exe"1⤵
- Adds Run key to start application
- Drops file in Windows directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\microsofthelp.exe"C:\Windows\microsofthelp.exe"2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
34KB
MD57e7c7bfa478b4c7f9ddd0e93273355e7
SHA1c6f14f97e242672066fb5134c47119d4b4b756ae
SHA25652b343f7a1bb70c597506a33e5cf5eacc922ef3f04f759a3f8661c4d3e11ee66
SHA512b1a954228d438c9f11f8738551610e1c4078d28d322e89ed29cce621bf38c984f8c80534fd5df532be898a50887463e4fd35b2c75cafbac450fce8b8e82dbf04
-
Filesize
12KB
-
Filesize
12KB