017c74f0e2671302f5fef903ba89fa77666d86ec73ad8c838d88136e394fd0e1 | Triage

Analysis

max time kernel
93s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 19:11

Sharing

Report Analysis Logs

General

Target

FILES/MISC/COPYKERN.exe
Size

4KB
MD5

a1f2902bfb961096b2c099bbaf2289dc
SHA1

27d161ca784854b847b4dd40bf681616478efc9d
SHA256

bd1e64533a62f28f31fee1c6352fe3566b0b73465f3ebeb609f3f267eed4bb80
SHA512

bf0f2902d00a4307a5f59014cfd6c8c582676e263607cf4854eddaf9bd16876d1ec4a64c62073d9b1d7fe4b6583abf6ba41fc6cb718f7861c22bc299aff039ec

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\KERNEL32.LLD	COPYKERN.exe
File opened for modification	C:\Windows\SysWOW64\KERNEL32.LLD	COPYKERN.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\WININIT.INI	COPYKERN.exe

C:\Users\Admin\AppData\Local\Temp\FILES\MISC\COPYKERN.exe
"C:\Users\Admin\AppData\Local\Temp\FILES\MISC\COPYKERN.exe"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
PID:2852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2852-0-0x0000000000400000-0x0000000000405000-memory.dmp

Filesize
20KB

Download
memory/2852-5-0x0000000000400000-0x0000000000405000-memory.dmp

Filesize
20KB

Download