Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-07-2024 00:33

General

  • Target

    13da376f47576e3d022dbb16671fbd8501c3d03c06ccbcf83f361cd757b0961c.exe

  • Size

    576KB

  • MD5

    64b2f12c07091c97a05adb0dd7946470

  • SHA1

    7c33634c09f13c74cba2da37d047bce4b6e0ac60

  • SHA256

    13da376f47576e3d022dbb16671fbd8501c3d03c06ccbcf83f361cd757b0961c

  • SHA512

    5c1484c10eec782adb0d55858c1489b36a4b186c08d502ad8fac38144ba949798fd4e5002cb6f0b8f74d6ab70262695f20f10749a5fd3c6625b910cf5ad47efc

  • SSDEEP

    12288:D42i4JTqkp3SKshEzt46A9jmP/uhu/yMS08CkntxYR:EJ4JTDPmfmP/UDMS08Ckn3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\13da376f47576e3d022dbb16671fbd8501c3d03c06ccbcf83f361cd757b0961c.exe
    "C:\Users\Admin\AppData\Local\Temp\13da376f47576e3d022dbb16671fbd8501c3d03c06ccbcf83f361cd757b0961c.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4276
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
      2⤵
        PID:2400

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads