Analysis
-
max time kernel
92s -
max time network
100s -
platform
windows11-21h2_x64 -
resource
win11-20240508-en -
resource tags
-
submitted
07/06/2024, 06:23
General
-
Target
0e3e2ab5f2f92e4da4a3186ed9b8a1c5f49f8f1ce0b736c7a26f2077367a93f7.exe
-
Size
13KB
-
MD5
5a97dec7fb0e12c673edb8a1c6b74661
-
SHA1
93572d7507a96e126da67bc54f16ea462ce588af
-
SHA256
0e3e2ab5f2f92e4da4a3186ed9b8a1c5f49f8f1ce0b736c7a26f2077367a93f7
-
SHA512
c3b8a7d50feeb6a0634e841f6ddcf4528c4f9e16c40953662a901ffd2137a61e64fb056acef782cacba9f9f63a9f3774fdc98f4c598349aba35c397522e45a47
-
SSDEEP
192:AnTI1yMgH12AG26WByZWSi7gffuZgTtxP66wKPOWC/WlJdxqHNn21xp:QXJH123UgNtqn/WlJj+iP
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0e3e2ab5f2f92e4da4a3186ed9b8a1c5f49f8f1ce0b736c7a26f2077367a93f7.exe"C:\Users\Admin\AppData\Local\Temp\0e3e2ab5f2f92e4da4a3186ed9b8a1c5f49f8f1ce0b736c7a26f2077367a93f7.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607062352282.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607062352282.exeC:\Users\Admin\AppData\Local\Temp\242607062352282.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD5d1c5150278c09b9e3d4925fe91089d72
SHA10511bb957f249b72944730448a7d77d1a814bb51
SHA256abd80f785ab7ed322e980f911f28fa4fd141a03aa909916f6929190e6ea8a6f2
SHA51289c05751b247f3f4c0af337cefa048126614091eab9e5a39c6f96a78d1e71f6180090a70b072340be1d12229d88687e92412b2f9bf79e56d2424fa480eb17ec9