Analysis
max time kernel: 16s
max time network: 17s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 09-07-2024 11:55
Behavioral tasks
behavioral1: Sample CV_zheregelya.pdf, Resource win7-20240705-en
behavioral2: Sample CV_zheregelya.pdf, Resource win10v2004-20240704-en
behavioral3: Sample CV_zheregelya.pdf.lnk, Resource win7-20240704-en
behavioral4: Sample CV_zheregelya.pdf.lnk, Resource win10v2004-20240704-en
behavioral5: Sample cv.exe, Resource win7-20240705-en
behavioral6: Sample cv.exe, Resource win10v2004-20240704-en
behavioral7: Sample version.dll, Resource win7-20240705-en
behavioral8: Sample version.dll, Resource win10v2004-20240708-en
General
Target: cv.exe
Size: 544KB
MD5: 17954e24dc5a85c3d107b46e1250cc12
SHA1: 3c40842922857c46586a394e536aa503a94a4257
SHA256: 729f127be9398f24063555026eb9979bc3c49554caf0ac221aafbd87faf74037
SHA512: 9d3aa9143d7f9519ed2a3b148a4c92f89c54c50f5a3025d53768a56fdafd094bee6228f05991568f9e07a72e65245cb6b5efbdff6a38eb144218f7714fe28617
SSDEEP: 12288:HnDmDhpuQj91cbYeChYgG10tJQuvtcRbnu7O:HnDmZ9BeChYgG10tJQkwbnKO
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: cv.exe
description | pid | process | target process
PID 1820 wrote to memory of 2424 | 1820 | cv.exe | getmac.exe
PID 1820 wrote to memory of 2424 | 1820 | cv.exe | getmac.exe
PID 1820 wrote to memory of 2424 | 1820 | cv.exe | getmac.exe