Analysis
- max time kernel: 93s
- max time network: 94s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 04/07/2024, 04:24
Static task: static1
Behavioral task: behavioral1
- Sample: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
- Resource: win10v2004-20240508-en
General
- Target: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
- Size: 5.7MB
- MD5: 2e9271f5c6d81a6f18616eb875d54e51
- SHA1: 860853850ae1b035b3c31a940e2344c65105ca22
- SHA256: 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f
- SHA512: 151206ebb5f12734d64de9b8a3349be29a2444c0a906822ec90057ccd62d039999cd5d8fa582d1fbffa3f83b0fc6213fc462a2cadc1f9b2803a9b4b8b9eb7a98
- SSDEEP: 98304:j/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmMkVJ:mMD+cpvJ/4H3nmghWoa/fsysMF4JD85l
Malware Config
Signatures
- Suspicious use of FindShellTrayWindow (1 IoC)
  pid 1300, process 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
- Suspicious use of SendNotifyMessage (1 IoC)
  pid 1300, process 1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe
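Both signatures above are low-severity API-usage heuristics rather than evidence of a specific malware family: FindShellTrayWindow fires when a process looks up the taskbar window by its class name (Shell_TrayWnd), which legitimate installers and GUI applications do as well as samples probing for a real desktop or preparing to interact with explorer.exe, and SendNotifyMessage fires on use of an asynchronous window-message API that benign software also calls, for example to broadcast setting changes. With no malware config extracted, no network activity and no MITRE ATT&CK mapping in this report, the two hits alone are weak evidence either way. The script below is an added example, not part of the sandbox report and not the sandbox's own rule code: it re-implements the two signatures as simple matchers over a constructed, pipe-delimited API-call trace (the trace format, the process names, the argument values and the rule that one IoC equals one distinct process are all assumptions), so a practitioner can see exactly what such a hit does and does not mean.

```python
"""Re-implement the two behavioural signatures from the report as matchers
over an API-call trace.

Constructed example; the trace format, processes and arguments are assumed
and are not taken from the analysed sample.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed trace, one hooked API call per line:
#   pid|process|api|comma-separated args|return value
# PID 1300 mirrors the report; everything else is illustrative.
TRACE = """\
1300|sample.exe|GetModuleHandleW|kernel32.dll|0x7ffb3c9e0000
1300|sample.exe|FindWindowW|Shell_TrayWnd,NULL|0x10150
1300|sample.exe|SendNotifyMessageW|0x10150,0x1A,0,0|1
4212|explorer.exe|FindWindowW|Progman,NULL|0x10020
4212|explorer.exe|SendMessageW|0x10020,0x1A,0,0|0
"""

SHELL_TRAY_CLASS = "Shell_TrayWnd"


@dataclass(frozen=True)
class ApiCall:
    pid: int
    process: str
    api: str
    args: List[str]
    ret: str


def parse_trace(text: str) -> List[ApiCall]:
    """Parse the pipe-delimited trace; blank lines are skipped."""
    calls = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, process, api, args, ret = line.split("|", 4)
        calls.append(ApiCall(int(pid), process, api, args.split(","), ret))
    return calls


def sig_find_shell_tray_window(call: ApiCall) -> bool:
    """FindWindow/FindWindowEx asked for the taskbar's window class."""
    return (call.api in ("FindWindowA", "FindWindowW",
                         "FindWindowExA", "FindWindowExW")
            and SHELL_TRAY_CLASS in call.args)


def sig_send_notify_message(call: ApiCall) -> bool:
    """Any use of the asynchronous SendNotifyMessage API."""
    return call.api in ("SendNotifyMessageA", "SendNotifyMessageW")


# Signature name as shown in the report -> matcher over a single call.
SIGNATURES: Dict[str, Callable[[ApiCall], bool]] = {
    "Suspicious use of FindShellTrayWindow": sig_find_shell_tray_window,
    "Suspicious use of SendNotifyMessage": sig_send_notify_message,
}


def run_signatures(calls: List[ApiCall]) -> Dict[str, Dict[int, str]]:
    """Return {signature name: {pid: process name}} for every hit.

    A signature is reported once per distinct process (assumed to be what
    the report counts as one IoC), however many matching calls it made.
    """
    hits: Dict[str, Dict[int, str]] = defaultdict(dict)
    for call in calls:
        for name, matcher in SIGNATURES.items():
            if matcher(call):
                hits[name][call.pid] = call.process
    return dict(hits)


def format_report(hits: Dict[str, Dict[int, str]]) -> List[str]:
    """Render hits in the same shape as the report's Signatures section."""
    lines = []
    for name, procs in hits.items():
        lines.append(f"{name} ({len(procs)} IoC)")
        for pid, process in sorted(procs.items()):
            lines.append(f"  pid {pid}, process {process}")
    return lines


if __name__ == "__main__":
    print("\n".join(format_report(run_signatures(parse_trace(TRACE)))))
```

Note that explorer.exe in the constructed trace is not flagged even though it also calls FindWindowW and a Send*Message API: the first signature keys on the Shell_TrayWnd class name, the second on SendNotifyMessage specifically, which is why a hit says little about intent by itself.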
Processes
- C:\Users\Admin\AppData\Local\Temp\1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe (PID 1300)
  Command line: "C:\Users\Admin\AppData\Local\Temp\1c044c83e717d515a62bb7862406c8ecfc3c95e9161fb341a43c6e677cd3c80f.exe"
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 657B
  MD5: 80f4ff520056556bb019cdb42fb32b97
  SHA1: fb48a0d2a1e1915b007f53a0af3606a9402fd5af
  SHA256: 17cfb6146ead961f15521b0d5408093c5b12bde695541406fe35923b1eb86f56
  SHA512: 14f81bf68f0b1396a48082e9d56501e74a2c16e2d65ebe91d63d56def5d2815fb1a1237c956efce2ec20a8085c7ec64f64c33874611c539fd9f0e05fd4d25864
- Filesize: 315B
  MD5: 249292901d786c43b64407c47261311c
  SHA1: 4141acde97cb6841b88942c719a33bfcf54ae09e
  SHA256: 01183899e64217d0f07d43852f7f15f613b992d1b7f5f9e48be7665449bd5aae
  SHA512: 539fb89b825d9ccc28f7372195fe3cea1f25be17b1c6a61a3918f47d016c410e8bfb98217e924a3b95676ee66bc17baedd4161b4c34ac9e3437b5d3166e148a2