Analysis
-
max time kernel
107s -
max time network
111s -
platform
windows11-21h2_x64 -
resource
win11-20240426-en -
resource tags
-
submitted
07-06-2024 07:04
General
-
Target
dabc7e6fafab3f40a5741a66e938cce395457bb8aa6423694702f083bbd12186.exe
-
Size
13KB
-
MD5
d8a3545f3c56517c4e44f35c7ff41962
-
SHA1
49f693f257060381e2d5d110f038de49f44db67a
-
SHA256
dabc7e6fafab3f40a5741a66e938cce395457bb8aa6423694702f083bbd12186
-
SHA512
5f8d52ed21a72bbbbf16010226d46832696fe536b2c6db017a5f823ecfb1a1e7a19d02b4539deccf44ec0cc50a488ad335cfe045b6ff39741f5cdf3bd4de7921
-
SSDEEP
192:sarI1gAMbu0Gz2d6ypL4AuTsqsnKTcPjn0+EPegJlrGO2qWlJdxqHJw1xZ:nyMbu0GiVeS0++xIKWlJj+oX
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\dabc7e6fafab3f40a5741a66e938cce395457bb8aa6423694702f083bbd12186.exe"C:\Users\Admin\AppData\Local\Temp\dabc7e6fafab3f40a5741a66e938cce395457bb8aa6423694702f083bbd12186.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607070412255.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607070412255.exeC:\Users\Admin\AppData\Local\Temp\242607070412255.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD55e39aa46d90355669bbc6b17972d2eb2
SHA14fb4bb5e759c498c6e20f836b6ba40338e5e1736
SHA256f086e4d5fe53f61ccda4da8d555f96739b14d68c81b2e55e3a4cf49854d6c5a0
SHA512a444b9ed708c07a4ff448737d08e72c6446821b0e715330e5447d1531970f3033a1ab1ea587200e691784f3ee8e18f69471dcf3df9cc7bd29ff62c0edc8c635a