Analysis
-
max time kernel
117s -
max time network
129s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
08/07/2024, 03:27
Behavioral task
behavioral1
Sample
momentomo.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
momentomo.exe
Resource
win10v2004-20240704-en
General
-
Target
momentomo.exe
-
Size
6.5MB
-
MD5
be3b004700a8a0ca27d0d65841f688b2
-
SHA1
df11006024fd315c945186026575bce7811d75e9
-
SHA256
f50c6f8988f58a6cae0b1a111136dc0de13cc9192a006a686227764f0e0dae0b
-
SHA512
9101f80fdf1e0f28583d3c4dab7dc2270a842087b6ae1dcd32cd0c51828a860509e127c1677a61285149126baed9af69c53dde38769c28a42b419ca65c8f0392
-
SSDEEP
98304:4C08DmW5o1hZlzb71QGQCPDbZfxz87le5BLoHLSLgj8NnJwFDDEy2nZsBJ1nCkKP:p0QmW5ofdQmRKuErSEEJwdFvZnCkK
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid | Process
2680 | momentomo.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 1900 wrote to memory of 2680 | 1900 | momentomo.exe | 31
PID 1900 wrote to memory of 2680 | 1900 | momentomo.exe | 31
PID 1900 wrote to memory of 2680 | 1900 | momentomo.exe | 31
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
5.5MB
MD5
a72993488cecd88b3e19487d646f88f6
SHA1
5d359f4121e0be04a483f9ad1d8203ffc958f9a0
SHA256
aa1e959dcff75a343b448a797d8a5a041eb03b27565a30f70fd081df7a285038
SHA512
c895176784b9ac89c9b996c02ec0d0a3f7cd6ebf653a277c20dec104da6a11db084c53dd47c7b6653a448d877ad8e5e79c27db4ea6365ebb8ca2a78aa9c61b38