Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
07-06-2024 06:20
General
-
Target
bdca77f9a4ef4b2b3af6751ef7a15b06b8d3f30bc95c7ae68bac2935b33dae35.exe
-
Size
13KB
-
MD5
9e8a8ac2d700c753a18311a51a336e81
-
SHA1
580664e366c6fee8b6bf342f0de249ff4c15e3ae
-
SHA256
bdca77f9a4ef4b2b3af6751ef7a15b06b8d3f30bc95c7ae68bac2935b33dae35
-
SHA512
794eec0de4818de740512d7185d6a5bdb32a8da0113879db1e070ca6620dcca971d0bac12e043798dba446bcf735c2d3bda5951fe443f30628d7edef0621382f
-
SSDEEP
192:eiaI1nYW3ChY+mB6ZaMQoG5fsMl1G7YiLPEZySv1bNty77VWlJdxqHeH1x:YICh/m/Md7Yl1NU1WlJj+u
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bdca77f9a4ef4b2b3af6751ef7a15b06b8d3f30bc95c7ae68bac2935b33dae35.exe"C:\Users\Admin\AppData\Local\Temp\bdca77f9a4ef4b2b3af6751ef7a15b06b8d3f30bc95c7ae68bac2935b33dae35.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607062102339.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607062102339.exeC:\Users\Admin\AppData\Local\Temp\242607062102339.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD5fbfb10f69a73aaf318941d82d60cd857
SHA1465bdd550c29618776d12ea7a66f80c5e5002836
SHA2562779bbbf6426c132c3b4a03d493bd842c6562852bf9824f2b6e5039c0cf1c813
SHA512323b51060ff350f1e3f3490b8a82ff2c2da4e258cc78a1dc3f159006c18d6b9c9a8f7534cf8b0d83015b8c42fe9dd2db4e5d0db8e6f6964faed745aac693cfd5