Overview

overview

7

Static

static

1

structorizer.exe

windows10-1703-x64

7

structorizer.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25-06-2024 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    structorizer.exe

  • Size

    8.3MB

  • MD5

    2e17832ca5e8a88a6c20fa8fe9204ded

  • SHA1

    355e063226f0412db56999a47855ad2978611563

  • SHA256

    88f28ccb15fd5c8e688f19bffd92be4be0e60b96876b2b6ca19ff5e56bc6cd16

  • SHA512

    2b6bef95af9a28fff1afcc069052a38785567e552d572d5832c13d6518349dd877ba455cd40d6aab5e366a6c32b427c2b580126b9692133bd255ee5b3caf2f4d

  • SSDEEP

    196608:EPygQH4NfYIdkW+pDwAsDlXHXXWwdVkgOghf9wv+zsuc:IyToYIqW+pDNuXHXmGWM9wv+zC

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\structorizer.exe
    "C:\Users\Admin\AppData\Local\Temp\structorizer.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1220
    • C:\Users\Admin\AppData\Local\Temp\is-HARQG.tmp\structorizer.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-HARQG.tmp\structorizer.tmp" /SL5="$60206,7895888,780288,C:\Users\Admin\AppData\Local\Temp\structorizer.exe"
      2⤵
      • Executes dropped EXE
      PID:4984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-HARQG.tmp\structorizer.tmp
    Filesize

    3.0MB

    MD5

    b504e376bcbc84c43aecff21549dae08

    SHA1

    0f8aab26d732364400477795a8fc31ade4aacfe0

    SHA256

    f0733357232c9341613e1a7328ccab89888fdde1344f8bbc6d49b24857e72b73

    SHA512

    1a543ff3522346284720d9fc33cd04a32cf935f57b1a68cbe991b63c9a1910873f628a8eaf9018872c7c51341b451fdf009729c8a33296211da135a929da9524

    Download Submit

  • memory/1220-0-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/1220-2-0x0000000000401000-0x00000000004B7000-memory.dmp

    Filesize

    728KB

    Download

  • memory/1220-7-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/4984-6-0x0000000000400000-0x0000000000707000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/4984-8-0x0000000000400000-0x0000000000707000-memory.dmp

    Filesize

    3.0MB

    Download