Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 11:17

General

  • Target

    5daa38a2692827ae02e4cf058cb9d0dded63fb774437916045827652bf1c3b5e.exe

  • Size

    428KB

  • MD5

    d36be24be0afd787fbf489da9d2338ea

  • SHA1

    24a25aa9bc2e9bd3a3aed614c87c52fe889a249c

  • SHA256

    5daa38a2692827ae02e4cf058cb9d0dded63fb774437916045827652bf1c3b5e

  • SHA512

    076b36f81c4d2cccf3c127dbd7e38e83379c05e8d2b5ad3c219977f4745644e3e5bfb6a89fa45c33b620f7f4b2250c6d3d26aa64b535b631f4bde619b26e9afa

  • SSDEEP

    12288:ph1UQbSAhgOWAlCwF3DMLo/r9PFCIhlrWDxwP:ph1uAFy84cZPJbyNw

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5daa38a2692827ae02e4cf058cb9d0dded63fb774437916045827652bf1c3b5e.exe
    "C:\Users\Admin\AppData\Local\Temp\5daa38a2692827ae02e4cf058cb9d0dded63fb774437916045827652bf1c3b5e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\5daa38a2692827ae02e4cf058cb9d0dded63fb774437916045827652bf1c3b5e.exe"
      2⤵
        PID:1716

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1716-3-0x0000000002610000-0x0000000002880000-memory.dmp

      Filesize

      2.4MB

    • memory/1716-11-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

    • memory/1716-14-0x0000000002610000-0x0000000002880000-memory.dmp

      Filesize

      2.4MB

    • memory/2528-0-0x0000000000400000-0x0000000000432000-memory.dmp

      Filesize

      200KB