Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows11-21h2_x64 -
resource
win11-20240426-en -
resource tags
-
submitted
07/06/2024, 06:37
General
-
Target
c261aa9ead3b4fb359fed8301cc19bb442fc8df4c5344ff898e7791f74b7b770.exe
-
Size
13KB
-
MD5
f8a47069922c63abc0a97f84279e4471
-
SHA1
40eaa2b8c4cfeee83fa41372b4ee4b33e05571ba
-
SHA256
c261aa9ead3b4fb359fed8301cc19bb442fc8df4c5344ff898e7791f74b7b770
-
SHA512
42c4e27b79f565492180c2a9c56501520de007d23a7821c1a0b5c766c03fc1a41b363599a12db93b8d72551248f330e96d45e418a6b0412456979f6fcdd23510
-
SSDEEP
192:XIWI1ZCzatlfm46s2luEnVHJxyHRvOPNoPYgb9T7s6z6IHD+i2WlJdxqHV1xb:PXatNm461cGPXgb5K9WlJj+35
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c261aa9ead3b4fb359fed8301cc19bb442fc8df4c5344ff898e7791f74b7b770.exe"C:\Users\Admin\AppData\Local\Temp\c261aa9ead3b4fb359fed8301cc19bb442fc8df4c5344ff898e7791f74b7b770.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607063725304.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607063725304.exeC:\Users\Admin\AppData\Local\Temp\242607063725304.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14KB
MD53854ff6b7b02dd219e8134f3ccd2d382
SHA18caaa63aa03dda6b4b3a1e30524336578446b34c
SHA2563d2c35af677a22ba2a2b7925b11dedd9efeb325c154bf803dec27562a003fec5
SHA5122137b01cbbd19f213e64716a94d6259820e1095b24db0df881f3d56354cbaf941a636ff5171221b92fc6e6854cf908a05cfb4f26361a6cf151ebe1e5d1983fc9