Overview

overview

7

Static

static

3

Teaching F...16.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1801s
  • max time network
    1755s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    15/06/2024, 00:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Teaching Feeling 4.0.16.exe

  • Size

    258.5MB

  • MD5

    4a27e565a9f38677569a765ca6796685

  • SHA1

    4d00c1b423cbcf42be22ea1c8b01ef74036bdb1c

  • SHA256

    bf96a1a1175dfd5b43ba57041fa39417475259394d2efa97a68c546cbbe32218

  • SHA512

    c768281446877648f8d6eb5c3fa4409ef6b39ac1450385af8b5200a19fad8973dba22503453dd4a9741bd4cf098ae8394e94cedd0f451c8d76fc2c586289970d

  • SSDEEP

    6291456:sc5vucKjMn3RyeTwR+4hVb+XiUIzTm1lb7APd:h5vNKwnhyIw84aXEy1pAl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Teaching Feeling 4.0.16.exe
    "C:\Users\Admin\AppData\Local\Temp\Teaching Feeling 4.0.16.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4116
    • C:\Users\Admin\AppData\Local\Temp\is-HDJGF.tmp\Teaching Feeling 4.0.16.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-HDJGF.tmp\Teaching Feeling 4.0.16.tmp" /SL5="$501E4,269655023,831488,C:\Users\Admin\AppData\Local\Temp\Teaching Feeling 4.0.16.exe"
      2⤵
      • Executes dropped EXE
      PID:3716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-HDJGF.tmp\Teaching Feeling 4.0.16.tmp
    Filesize

    3.0MB

    MD5

    2f1e3963045f21504207c4ff2345bf45

    SHA1

    103aea2df24d7372dbe49d5c0fd2ce4300ce7512

    SHA256

    3d6f2def32897a21ead954893fe7f265059283ba5ebc58d87954fec00f2aa780

    SHA512

    988e8f9899fd7b15dc13219c88bbb2c89e7da5523ea2701b5da12a57d0871aaf977f6e9aadde73f03d59e2f29540143e6cd131ed64b5139293e3487094ff98e7

    Download Submit

  • memory/3716-6-0x0000000000400000-0x000000000071A000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/3716-9-0x0000000000400000-0x000000000071A000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/4116-0-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/4116-2-0x0000000000401000-0x00000000004B7000-memory.dmp

    Filesize

    728KB

    Download

  • memory/4116-8-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download