Analysis
-
max time kernel
149s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
22-08-2024 19:05
General
-
Target
boiii.exe
-
Size
2.6MB
-
MD5
c510051f24e1a02f054dde0c810a99ae
-
SHA1
6e95b2ab081b597e8d1ea2a56a4f79fd91aa2782
-
SHA256
c2bd2d739f684f985614322adb4e60dbb12a7bf4e4f80e66a3c720772e3db8b4
-
SHA512
b0437f6d753978a4821d7834ffa7634c044095bf319ab83903f584a7ecef4dc745ea90329b33920fd8350db0f82fc7107585e4d8ee2d7ea94f61c7b12ff4d144
-
SSDEEP
49152:zYOe3BUq0QFE4T+627zjhbkdHFqimF8R0WEkmrH:zg3Ba7oqimPWEnj
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious behavior: RenamesItself 1 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\boiii.exe"C:\Users\Admin\AppData\Local\Temp\boiii.exe"1⤵
- Suspicious behavior: RenamesItself
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\boiii.exe"C:\Users\Admin\AppData\Local\Temp\boiii.exe"2⤵
- Deletes itself
- Executes dropped EXE
- Suspicious use of FindShellTrayWindow
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.6MB
MD5f735cf4a04b61b019912737343068087
SHA1743876fcf7cd24ff0ce5c303c787f143ae04578a
SHA2566e12e10e88fc0a9fbd0477fdf4be6f5b7efd0bbcb1849281daeb1cd453acc684
SHA512e3d27f4d001a427e962e65ed4bbce472c3697f049318a0ebe8b788901976b145a058f3d97aa2c50de593351a79e0fbed0e53fdbd6937bb5d3770de638c40b6a2
-
Filesize
2.9MB