Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
24-06-2024 01:21
General
-
Target
af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe
-
Size
36.5MB
-
MD5
0e12bdd2a8200d4c1f368750e2c87bfe
-
SHA1
6c8b533e2c7f6ebef027971c3a06f4c55ed64cfe
-
SHA256
af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403
-
SHA512
909f15876f3a6cbe608eb53df4286927b013c45ff6acbc496a1590b9cc3fe47b1bb449ed45c3302f6d03cccb876cd2cc26f2b5e7c1ca4ff2d17dd4dee77bf75b
-
SSDEEP
393216:sYJEy4Te0rrigZ9BCbZPBKAgKBXSTzdOskYXXDeycerzHP+THt+/nDSpQg:sYJcrlZ9BGfg8XIJOkXXPCTV
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 2 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe"C:\Users\Admin\AppData\Local\Temp\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403-15b1414fbde317d5\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe"C:\Users\Admin\AppData\Local\Temp\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403-15b1414fbde317d5\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403-15b1414fbde317d5\af77c0b6a10ac159b0e3c87c02e16a2b44daab8e67fe097327e90ae48f814403.exeFilesize
41.6MB
MD5312c3e03890f7d5242fe2158acabd4e8
SHA1d148cf18f876b55c03f2718bfff321b7d6287f87
SHA2566ac290f077cd4228dff7dc37a4c37e0a675207ad345543e8cd01008ce67ea751
SHA512da0e5c199a7ab586a17dd7b74cc4b6727ac5c9efcb3397b45f8806a6418c20bfc7515804ca10e2a9c52b207b56f3a56c86e3c3be646ffe27f988c59b0bc66971