ae6967e15d0a441949fac6f6326992be01e6400b633ad77f53748dfbf867f279 | Triage

Resubmissions

09/07/2024, 17:26

240709-vz1hzsxbrb 7

09/07/2024, 17:25

240709-vzksjaxbnd 7

Analysis

max time kernel
141s
max time network
136s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
09/07/2024, 17:26

Sharing

Report Analysis Logs

General

Target

bin/app/PSPdisp.exe
Size

620KB
MD5

225f1b96ea7d7c74d0dc7f6e9d75649b
SHA1

f613a2c939aa6b947be8c66f4274bded2c714390
SHA256

c837e4c27f86b398e918056a72971bc71a8dcc2aa4856803d540d757303953d7
SHA512

787153732d0c246d28f4797067eae47845a01acee70b2916d42c487af2c8bfad6aaa4f549aa4fb69a8ef36c45f7fdce02f7f20fb71feabe773feaa02cfd3774f
SSDEEP

12288:2/9a4upgXG71bbEu8bMIhGZ/caQxHQ3yM5wG+V9JVyCAOE:895FGhPKbMfNQxHv7+D

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe
352	PSPdisp.exe

C:\Users\Admin\AppData\Local\Temp\bin\app\PSPdisp.exe
"C:\Users\Admin\AppData\Local\Temp\bin\app\PSPdisp.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/352-0-0x0000000000A40000-0x0000000000A41000-memory.dmp

Filesize
4KB

Download
memory/352-1-0x0000000000400000-0x0000000000599000-memory.dmp

Filesize
1.6MB

Download
memory/352-3-0x0000000000A40000-0x0000000000A41000-memory.dmp

Filesize
4KB

Download
memory/352-49-0x0000000000400000-0x0000000000599000-memory.dmp

Filesize
1.6MB

Download