Analysis

  • max time kernel: 93s
  • max time network: 94s
  • platform: windows10-2004_x64
  • resource: win10v2004-20240508-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 04/07/2024, 04:24

General

  • Target: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
  • Size: 5.7MB
  • MD5: 2e9271f5c6d81a6f18616eb875d54e51
  • SHA1: 860853850ae1b035b3c31a940e2344c65105ca22
  • SHA256: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f
  • SHA512: 151206ebb5f12734d64de9b8a3349be29a2444c0a906822ec90057ccd62d039999cd5d8fa582d1fbffa3f83b0fc6213fc462a2cadc1f9b2803a9b4b8b9eb7a98
  • SSDEEP: 98304:j/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmMkVJ:mMD+cpvJ/4H3nmghWoa/fsysMF4JD85l

Score: 1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe"
    PID: 1300
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage

Network

        MITRE ATT&CK Matrix

        Downloads

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize: 657B
    MD5: 80f4ff520056556bb019cdb42fb32b97
    SHA1: fb48a0d2a1e1915b007f53a0af3606a9402fd5af
    SHA256: 17cfb6146ead961f15521b0d5408093c5b12bde695541406fe35923b1eb86f56
    SHA512: 14f81bf68f0b1396a48082e9d56501e74a2c16e2d65ebe91d63d56def5d2815fb1a1237c956efce2ec20a8085c7ec64f64c33874611c539fd9f0e05fd4d25864

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize: 315B
    MD5: 249292901d786c43b64407c47261311c
    SHA1: 4141acde97cb6841b88942c719a33bfcf54ae09e
    SHA256: 01183899e64217d0f07d43852f7f15f613b992d1b7f5f9e48be7665449bd5aae
    SHA512: 539fb89b825d9ccc28f7372195fe3cea1f25be17b1c6a61a3918f47d016c410e8bfb98217e924a3b95676ee66bc17baedd4161b4c34ac9e3437b5d3166e148a2