Analysis
-
max time kernel
0s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
-
submitted
28-05-2024 12:25
Behavioral task
behavioral1
Sample
TBK.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
TBK.exe
Resource
win10v2004-20240508-en
General
-
Target
TBK.exe
-
Size
7.4MB
-
MD5
c4f886d3b4ce022c73dff1312b5e6d2a
-
SHA1
e9c2e75578956fd75dd60765c968b9ce1023073b
-
SHA256
721a4b64330caaa0a64de7a355c76add6f50a90ce6039fbb17a8db6ddfd8debc
-
SHA512
806a1b1c4f021d49735d7686de5bd0c3ef8f64d50761ba1ed58ea3c80fc4ff141c62aed6adcefb359c563f6e45733d60892e64a636cd3c3f99432b46d9d84687
-
SSDEEP
196608:f+24uWJysVYvsOSVoyMxxvjDDAx4Br/nKsM/d0kkS2hTyZpMTx:DWJzoyMxtDDAxmxM/d0k1myZpMT
Malware Config
Signatures
-
Loads dropped DLL
1 IoCs
Processes: TBK.exe
pid | process
2632 | TBK.exe
-
Suspicious use of WriteProcessMemory
3 IoCs
Processes: TBK.exe
description | pid | process | target process
PID 1040 wrote to memory of 2632 | 1040 | TBK.exe | TBK.exe
PID 1040 wrote to memory of 2632 | 1040 | TBK.exe | TBK.exe
PID 1040 wrote to memory of 2632 | 1040 | TBK.exe | TBK.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI10402\python38.dll
Filesize
1.6MB
MD5
a39210792dd203f0c2f1e7c8c5c86a9d
SHA1
4267e6bb3eb35ed03d8bd4658d7bd66056188454
SHA256
90b10b8f9c89937c35b207eada1bc8079c42aa56c32b70ae2ca5d63c8717dbbf
SHA512
4850b860878ca6c26c651cdd5707f2444799cb7806134db6687853f32dc3f8ca1af0c11880ff1fc2a92c4a9aae34dbe2023be467291e1118ad467d4ac26801d1