Analysis
-
max time kernel
143s -
max time network
145s -
platform
windows11-21h2_x64 -
resource
win11-20240508-en -
resource tags
-
submitted
07/06/2024, 07:02
General
-
Target
b0e5f8c8852ec48561adea7d63cbbbf172875fb037d47af7c71aa2efd7943027.exe
-
Size
12KB
-
MD5
32ec64b99cbb391c949d834883f27fe0
-
SHA1
819ad04a01578088bae0cb42319bf60479b27c4c
-
SHA256
b0e5f8c8852ec48561adea7d63cbbbf172875fb037d47af7c71aa2efd7943027
-
SHA512
405ca114c02f5a078cb4b5a272f92dd70c5fab7e096faddcb4297c5f69611cce677e959b8b3e92775444b7c0a1b89881cca578efe54e2de3a602a01f9f8b2e09
-
SSDEEP
192:CGSxI1/HY6txkt60qvXvftpBCz4zKShCPso2I7tJNGyvjSWlJdxqHL71x:U36tWH2jjZ5FWwBWlJj+t
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b0e5f8c8852ec48561adea7d63cbbbf172875fb037d47af7c71aa2efd7943027.exe"C:\Users\Admin\AppData\Local\Temp\b0e5f8c8852ec48561adea7d63cbbbf172875fb037d47af7c71aa2efd7943027.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607070309273.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607070309273.exeC:\Users\Admin\AppData\Local\Temp\242607070309273.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD56ab50188229e00e7e7ad4e9c16f61e41
SHA18ed1624c0d963b4260d72099369d02e35c83a1ff
SHA2567ce50c75aeed2d4c2bdd9666f19d64dd24a609b0e1627bbb101b112e9db0e9f2
SHA51278d6c1588fd4bfec5203883ebfcad7758eac9d8fcdf0e058136a334057705ca6789b12c0b148b1da50f88d79697c0b72b86455e6fb54093be77dea9b55472934