Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 13-06-2024 21:59
Static task: static1
Behavioral task: behavioral1
  Sample: SKMT390028.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: SKMT390028.exe
  Resource: win10v2004-20240508-en
General
Target: SKMT390028.exe
Size: 1.1MB
MD5: ec61712c6c60c8249e591ea6d64db59a
SHA1: 1692ee6f1e0a6bf32407a781dd4c9aba3a737d26
SHA256: 06eff0b0dc021ab79b61bc72aff871df18c73bc518b9a7116124f86828ea630c
SHA512: f1317454e15a8fdb1a407ea3c38d53fb6b422b878f721f701bae1c60a5ae5590dbe50b60ece1bd7d811bd8087669ae5c331b2ace1af76948d102c82ff864fda6
SSDEEP: 24576:W6nVMk+HIj90cNHX7Jp4KQJeyYFZdCWoeemJsIbWxkwIkKBqSI1xij9O:NVz7tVrJG/JeVZiYJ6xEkrSeic
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
Suspicious use of WriteProcessMemory (4 IoCs)
  description | pid | Process | procid_target
  PID 2172 wrote to memory of 2664 | 2172 | SKMT390028.exe | 28
  PID 2172 wrote to memory of 2664 | 2172 | SKMT390028.exe | 28
  PID 2172 wrote to memory of 2664 | 2172 | SKMT390028.exe | 28
  PID 2172 wrote to memory of 2664 | 2172 | SKMT390028.exe | 28
Downloads
Filesize: 113KB
MD5: 33501205e81570bb9df5c3958d002638
SHA1: 01c26d2b651680acc4b7d6a04064b7a8e514cb4a
SHA256: 86b89a4e4ac35f94ed0335d811a5876497762d52a5be99b27b73c9d8d8d097cc
SHA512: abe4bef198a6e803ef591cb19c7773ef5c1bca8049366e5b6acf5701121f307e59fd8279bc1e7fc93d12352a9112ff27a846a8219cfd2fb4a5c16b5556d2f3c9