6a98e734207cf716866d627d159cf5f63c501ebf932147d68ce34d1657951fba

General

Target

JM Soloutions Loader.exe
Size

1.4MB
MD5

bc64ab9131d64c3e7deb91d87bcf9561
SHA1

2d57be0114d349601b673c9f37b505823b7840d3
SHA256

6a98e734207cf716866d627d159cf5f63c501ebf932147d68ce34d1657951fba
SHA512

af6abc718156f3a6d0b5913921801bbd5a602279027e04cabc070cd1a55b091ecb603e02c14260d08bf6e61f572209690d3295047fb2b7f0d0f304326f2fb088
SSDEEP

24576:PFKLLpV6qjIb93Rlg+awqwUwExIPfA8OLhJ9yp/xCcTOuIrmkSkkkkkjOWnov:i1V65h/qNwffAj3g/bTqSk6Wno

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
2228	JM Soloutions Loader.exe
1136	JM Soloutions Loader.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2228	JM Soloutions Loader.exe
2228	JM Soloutions Loader.exe
1136	JM Soloutions Loader.exe
1136	JM Soloutions Loader.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2700	2228	JM Soloutions Loader.exe	87
PID 2228 wrote to memory of 2700	2228	JM Soloutions Loader.exe	87
PID 2228 wrote to memory of 1136	2228	JM Soloutions Loader.exe	91
PID 2228 wrote to memory of 1136	2228	JM Soloutions Loader.exe	91
PID 1136 wrote to memory of 1360	1136	JM Soloutions Loader.exe	92
PID 1136 wrote to memory of 1360	1136	JM Soloutions Loader.exe	92

C:\Users\Admin\AppData\Local\Temp\JM Soloutions Loader.exe
"C:\Users\Admin\AppData\Local\Temp\JM Soloutions Loader.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2700
- C:\Users\Admin\AppData\Local\Temp\JM Soloutions Loader.exe
  "C:\Users\Admin\AppData\Local\Temp\JM Soloutions Loader.exe" 2228
  2⤵
  - Suspicious use of NtSetInformationThreadHideFromDebugger
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:1136
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c cls
    3⤵
    PID:1360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_056B48C93C4964C2E64C0A8958238656

Filesize
1KB

MD5
b132211b6b3e433d1f587004b6a5d33b

SHA1
00d10bec37ca33325cc33508d6233596ba1c6690

SHA256
952900920d33464ea4c3c3389ebcb164876bd8f5d11b95a50e4e5146b2f2f679

SHA512
7e46ecf34a8e8f486cf6bda698369ce6aa7c263816ba620e859f00453f3f3b510365a74faaffe9c7feaa640e0ae09b9fecc6a902370db8ec84607440180a5d8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

Filesize
2KB

MD5
6579d514a7476e2bb7c2df18ab04f75a

SHA1
412b23f4191fbc9cb2495c99951ed58ca5be3f74

SHA256
da58e74e5b4820c31645709f648dced9bd2f3412e2081688f353804d5b4e2e7e

SHA512
2b7d74057b3ff67ec5ca3981d05437eb6ab9cbb8e1b240562dab962ac56a4584f6afdebbb489bfde4ebe8c19ebf8a4811b12b046c0f1bc6943589bda205c2fff

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

Filesize
1KB

MD5
350466e7ed59b1f45e2c580c5b182be0

SHA1
942fe03735e2b0cf6c69cd44a0f681ef26c52f07

SHA256
e974f061862ab2f9d853ee6e795fa0d2eebb9371be5ef0e5f1e4501aca2fe04c

SHA512
7aa1a9e70a9730d486f8fdf7dff734ea12907b3d914a9f5080081642d383f30987e7ca070b709e9e72ff2976dd3d0a624e34e6a55c46034b0157641144fdd646

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F53EB4E574DE32C870452087D92DBEBB_D7B2A7EA57402CF9609644C10FDC55CA

Filesize
471B

MD5
72bbbf2518e78317d0da691b992eb439

SHA1
41de3fdb7d2de97e3a1e54cd3be6f67afbf70037

SHA256
f718f981cb33da9628161a8d4d3ab990f8da9d707c2474f7d36af5256f61e6b3

SHA512
6cadae1fad803a494ccb64fc75cdaefc03e9bc9a34731e97eeefadcf52168cad446202bcc81651cdff3bea1bc9abfeff66ffdb5a4f897a1921ca4672e2708ce7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_056B48C93C4964C2E64C0A8958238656

Filesize
434B

MD5
5c0f5564525dc0d91395037e2e9557f6

SHA1
7ee671994f6ac9d2c323d8ed930abda5fd9ed2ce

SHA256
5406861655d1771fb6c1f34452f74adc64ccc108c7c0a77127cb278f229cf120

SHA512
7a290640ef40ef02953f77fc2696a9725698b7b61ca0c171462208ceb006a12962be669eb85273a3ba5b5cd4c00d4fe4334f15ee8922bf9c0b095c73ea737ac8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

Filesize
458B

MD5
a10e0b2a5e52aeed0a207e859658cfed

SHA1
2f3b69132606d1fc005900643172ab59aed2647f

SHA256
31bc966e897c6dd4d51cc2d707ced410b5be266f3320478da56320229811ce9f

SHA512
e9497cddfe6ff5f26030f92bfcc32566e05a67d7881848e5d0b8f60ac54c0aaf04b91089307c765dc1831242449a2c10e5706b539e43955a75f2894b959ecc80

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

Filesize
432B

MD5
927b0fa685d6378b4758bd9a9e6de05d

SHA1
44e39c1ea1868c300c25572e699cd1e81c4ec62a

SHA256
2d1afd05fbe03da4aee79f54789a2beb24046389e8a950e7b3c8ec0e6fd49236

SHA512
0f431a42092b8ec852f2584b430cca184a7b3eea4e07fab1b8915cb1a1eaf665b2bfd3ecf112d9163916e7782f8b0dc1fc92cbb3f71e9160810c1e5395fa3110

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F53EB4E574DE32C870452087D92DBEBB_D7B2A7EA57402CF9609644C10FDC55CA

Filesize
426B

MD5
00c5ab35a876446187be573fb3399044

SHA1
62524daec28637df9dec85ca47ebe7dee1325be9

SHA256
183d7a853f3ed3c3b81f148031397bddda02f329402d2af16b2dd1b93a60fc5c

SHA512
73858393f3aead5c66434e71e2ef756d478c81806d9ffa8cdbdd32e36f653fe47c0e56de2400d74d19fda6e8cf1ca6f753acd14e7f3637208acfe4b6fadd9dc8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads