Analysis

max time kernel: 142s
max time network: 99s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 16-07-2024 04:49
Static task: static1

Behavioral task: behavioral1
Sample: bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe
Resource: win10v2004-20240709-en
General

Target: bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe
Size: 6.0MB
MD5: ae65db8de36f1ca158d9ac4a613538c9
SHA1: 1bac18e4cc6b85d573186e2c8894cd1be6918e4a
SHA256: bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026
SHA512: 49ca8d4f360e649a36a388982fb883605b5dca95621f7be4ef4c6dc0b7fc17d295367cbdab428f02da77232f1c8b9dc772f9eb902e8bd4f5ef442e547e49ee87
SSDEEP: 98304:1+VeEILLs9RePlunREyERv+eeNLo1iQVDUQ/sM5qTFiGGDxnFWE//:WGjRPSgz/ITFiGGP1
Malware Config

Signatures

Suspicious use of FindShellTrayWindow (5 IoCs)
PID   Process
4376  bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe (5 occurrences)

Suspicious use of SendNotifyMessage (5 IoCs)
PID   Process
4376  bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe (5 occurrences)
Processes

1. C:\Users\Admin\AppData\Local\Temp\bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe
   Command line: "C:\Users\Admin\AppData\Local\Temp\bcb89bfda5ba2c5248c36c592fa32399aa5177d1d02f2e1ed15ff43c06de5026.exe"
   PID: 4376
   - Suspicious use of FindShellTrayWindow
   - Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Downloads

Filesize: 146B
MD5: 023c29756b6fa6015109478efc9e87a1
SHA1: 28156b01ffd82f006b4e5f7b76b853e3fdf76a5c
SHA256: 489435430e55106ba9c1bf22c5f82b64452bb6ec76b7f15e4c978838e6b5810b
SHA512: 4adab136a575fe151d20fc36664d76e3b5b48bbcc913bf0ebdb0de60d1059dea6cd9653d131399b2cfb63b60730b096dd8159742f725c1c3fda851f9514ec988