Analysis
-
max time kernel
89s -
max time network
101s -
platform
windows11-21h2_x64 -
resource
win11-20240508-en -
resource tags
-
submitted
26/05/2024, 14:50
General
-
Target
17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe
-
Size
2.6MB
-
MD5
2dc0eb5bdfb5f02e473fe916d04dae85
-
SHA1
01cc7f58890c47d4d264a10dba7941939190b2ea
-
SHA256
17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d
-
SHA512
7dde5a7498fcec3c15a21647f60f485aa096bf5735e079f541936056c3d11011db419427768467addaffc2bf5ecb253f39609a16012a6858ad976206174012b0
-
SSDEEP
49152:cfU4UjZZse5sgI/AxsOIiSeM0IzPuS0p+bn9zG90VVPahalDAab:cfUb8pAxsOBSexdGzByOahalkab
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe"C:\Users\Admin\AppData\Local\Temp\17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\Temp\{3CA9544D-3462-49E6-9829-2F14C93DBDD1}\.cr\17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe"C:\Windows\Temp\{3CA9544D-3462-49E6-9829-2F14C93DBDD1}\.cr\17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\17e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d.exe" -burn.filehandle.attached=564 -burn.filehandle.self=5722⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.6MB
MD52dc0eb5bdfb5f02e473fe916d04dae85
SHA101cc7f58890c47d4d264a10dba7941939190b2ea
SHA25617e35d378788ddf9687b2edafb9bed844da7747096cbf9460c0316055b55d25d
SHA5127dde5a7498fcec3c15a21647f60f485aa096bf5735e079f541936056c3d11011db419427768467addaffc2bf5ecb253f39609a16012a6858ad976206174012b0