Analysis

  • max time kernel
    93s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    02/06/2024, 00:52

General

  • Target

    a33104411f1789e38bc79b3570b2783090cee82c96a6997b10117a77dfc209fb.exe

  • Size

    74KB

  • MD5

    1b54e91343d05734dcf7b64d892af8bb

  • SHA1

    388733b0d7ba1003484589046790fd0bf6e32d11

  • SHA256

    a33104411f1789e38bc79b3570b2783090cee82c96a6997b10117a77dfc209fb

  • SHA512

    94aa70431c4a51f924915ae1cccf56efdc2b59871142ec1699c0fc288891826c9b3e8fc0c6ec664ffc148b6ae029ceb368df6ed68de09d5ee5fcb626b9f069c3

  • SSDEEP

    1536:1/PMkmQgitNDBThJz0J+TdrIreROg/pP0F3UgOkFDWI5w/km:CkmQ9tNdThJIJ+ea8WpwUgOyDm

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a33104411f1789e38bc79b3570b2783090cee82c96a6997b10117a77dfc209fb.exe
    "C:\Users\Admin\AppData\Local\Temp\a33104411f1789e38bc79b3570b2783090cee82c96a6997b10117a77dfc209fb.exe"
    1⤵
    • Drops file in System32 directory
    PID:3548
    • C:\Windows\SysWOW64\lfehut.exe
      "C:\Windows\SysWOW64\lfehut.exe"
      2⤵
      • Executes dropped EXE
      PID:1004

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Windows\SysWOW64\lfehut.exe

          Filesize

          71KB

          MD5

          afe27de6c2d00abaeb4f95ac69f2faaf

          SHA1

          27fc6e7eeb22f892a99c9700d0924d09274db861

          SHA256

          7a0d6a27d5333f16f05fa324c1df7d3564d1c7355237ac5ba740e5e073c5be26

          SHA512

          29e0accf021fad057bb897aa7317d40e57d3c8b1db1925e31e47e4d04e5b9726d3d4f799465a8c1b093a7650c28c7858e44d219b460e62b6a50cbef394efd458

        • memory/3548-4-0x0000000000400000-0x0000000000403000-memory.dmp

          Filesize

          12KB

        • memory/3548-1-0x0000000077202000-0x0000000077203000-memory.dmp

          Filesize

          4KB