Analysis
-
max time kernel
92s -
max time network
98s -
platform
windows11-21h2_x64 -
resource
win11-20240419-en -
resource tags
-
submitted
26-05-2024 14:00
General
-
Target
b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe
-
Size
2.9MB
-
MD5
009d32bcda034a6b6da8c2787c850877
-
SHA1
5f29ed22e653786c0c86dcbb9d7e40dbca7fedb0
-
SHA256
b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c
-
SHA512
31c7acf85c20f6216737eab7b54cbdddac45a881bfb0213c564b660af41f86b96012744ec434f5ab76981484870935d4cc12b0106ee16092eeecb04c1019f840
-
SSDEEP
49152:cfU4UjZZse5sgI/AxsOIiSeM0IzPuS0p+bn9zG90VVPahalDAaX7EUHPAe:cfUb8pAxsOBSexdGzByOahalkaX7EgPp
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe"C:\Users\Admin\AppData\Local\Temp\b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\Temp\{F9258F5E-5766-4C07-84AD-AD90A75EE091}\.cr\b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe"C:\Windows\Temp\{F9258F5E-5766-4C07-84AD-AD90A75EE091}\.cr\b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c.exe" -burn.filehandle.attached=572 -burn.filehandle.self=5642⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.9MB
MD5009d32bcda034a6b6da8c2787c850877
SHA15f29ed22e653786c0c86dcbb9d7e40dbca7fedb0
SHA256b9770bd684c2550a89e6b6440f6887accce9a13e38b3df6acf86bad10e6a3e4c
SHA51231c7acf85c20f6216737eab7b54cbdddac45a881bfb0213c564b660af41f86b96012744ec434f5ab76981484870935d4cc12b0106ee16092eeecb04c1019f840