Analysis
-
max time kernel
118s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
03-06-2024 10:37
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
ls.exe
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
ls.exe
Resource
win10v2004-20240426-en
6 signatures
150 seconds
General
-
Target
ls.exe
-
Size
3.1MB
-
MD5
9fee5d57bbc9ad824a24680ea7e5b6ee
-
SHA1
79a94ee440c1dd97fb91b07d9c18d3e56c2d89a1
-
SHA256
0329e4b80be853302b4cb08a84d70b54de5cb86247e50e5cc6d4a8f568a9aa00
-
SHA512
4cf814c24341ff2a19be8f7a53a35440fa7dac351c676c1524eae7f76832e3ca73b2c2130df22e75e62b361feb6cd40709d957adeadcc8be673e1586cc2518cf
-
SSDEEP
49152:HFiLmDjg0HEUKlTuK6igRROMCTI93qkw6SPjVqr1oO7jFj8Jlne+htT+:kSDjTHEUKlTuKZgjsT63+60JqZZn58Jg
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
ls.exedescription pid process target process PID 2700 wrote to memory of 2292 2700 ls.exe javaw.exe PID 2700 wrote to memory of 2292 2700 ls.exe javaw.exe PID 2700 wrote to memory of 2292 2700 ls.exe javaw.exe PID 2700 wrote to memory of 2292 2700 ls.exe javaw.exe