Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2024, 03:39

General

  • Target

    lowp.exe

  • Size

    145KB

  • MD5

    a03347e7e784c0ecf184ef07ea097f73

  • SHA1

    f378a1746a16fc4ebe6747aeea3917a276000d24

  • SHA256

    47e0f4c029be93ddec7b5240992d768ccf852e9c2724cb738971f789fa7d5676

  • SHA512

    9db3bad0ceda736f9614ec288f03b1ffe6762470a0511857cb85c41eaa9c59cabc27c06248870f53fef7923e2eeb5f5745e4d12c467e173fe3db7aa2a1e7f6bb

  • SSDEEP

    3072:bIl+HgRe/nVT4T9SsuGjOc1HsvIAIQrPWyic:bvARe/d4ssp6ctSIVX

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\lowp.exe
    "C:\Users\Admin\AppData\Local\Temp\lowp.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1684 -s 84
      2⤵
        PID:1964

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads