Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
16/07/2024, 02:49
General
-
Target
55c4fce976296f1655cc43cac32a26a0N.exe
-
Size
5KB
-
MD5
55c4fce976296f1655cc43cac32a26a0
-
SHA1
e530ffffdda49d923e2397c010ece5b6e8b5a219
-
SHA256
396d6be9b81cce5334de2cf4e9d643efb64927af286758aa2f48b2145b24ee81
-
SHA512
5545d4dc2b8e62a4222752751e196483b0e6b95e0adc999a05282dab718b9acf4ebfeb94d53699cda7c5712130f92e78d857dd726e5ad34285cc90b6a2f4ae26
-
SSDEEP
48:qajxtxAmcRB/G99//8dIJMPC3u1rsHB/VnC/RAxU92CS70ALNxD8Q8:FnKhLPdUUiuuHnnwR2U92ClAhxDW
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\55c4fce976296f1655cc43cac32a26a0N.exe"C:\Users\Admin\AppData\Local\Temp\55c4fce976296f1655cc43cac32a26a0N.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\budha.exe"C:\Users\Admin\AppData\Local\Temp\budha.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5KB
MD5fc4552c59140c7e1c33d4b9eee9a727b
SHA1bb1d75da4dfc3fae17ecd72b0fa1576210a9b682
SHA256e8da8d19b04f04468b6f64dfc9c53e988a6c912628df21171aa255fb6f62a1db
SHA512b6bd841c436856144d45cfaac5f1ad5a563d714bee98d3f9d146f2f93ba66dfacad59781f683ddecab77317b84244caa8917c50e3e1c6a3bca2bad22b37d9f20