Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    30/05/2024, 01:23

General

  • Target

    a84ad7e4f0818c3ab031d398081d347a2d80fedde8e9729279e6823a90c0b901.exe

  • Size

    2.3MB

  • MD5

    2c658fcf4e390e27928e5c6534b91519

  • SHA1

    1e2f9b8c0625ff662f3913088c601fdddc3b6597

  • SHA256

    a84ad7e4f0818c3ab031d398081d347a2d80fedde8e9729279e6823a90c0b901

  • SHA512

    82b0e69ecd1ddbf38c9a994db6946038a72724ec69f6c79a9fcfdd891fd65b86725a6323613b2547336fc823dbbdc7f6ca07d60adb731cb064f112f955ef2dec

  • SSDEEP

    49152:DGzEBnq3We4khPu1572ri9i5HMPyU7O4fX6UNijG6B8stZg:D+EBq3We4umZoMPyyv6UNMGGFt

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious use of FindShellTrayWindow 7 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a84ad7e4f0818c3ab031d398081d347a2d80fedde8e9729279e6823a90c0b901.exe
    "C:\Users\Admin\AppData\Local\Temp\a84ad7e4f0818c3ab031d398081d347a2d80fedde8e9729279e6823a90c0b901.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2008

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2008-0-0x0000000140000000-0x00000001404A3000-memory.dmp

          Filesize

          4.6MB