Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
25/08/2024, 15:38
General
-
Target
main.exe
-
Size
15.8MB
-
MD5
e9c3dc6572f9aa862b2c961f8401b76b
-
SHA1
927f1152e8adeb7d735f538d475a1d231fbece9c
-
SHA256
10151664d5478a2e6494a35cc3ba8a2e178c065f30c553b24cd42dd9db080c06
-
SHA512
ada0d2e8afc678867a658c627830bd753744942f2bfb558afe3a30422597b21814b019b9d2bfb6509ecb5d6cf3b9cb19b57ec74a0d4de37f5a0fad3f34202e62
-
SSDEEP
393216:1x7/6AMYQ6z5oqAqFQURus6yaw7AV9h7BIgfDBf0nuKYsj:L9MYbRAqFxmyawI7nfDBf0hrj
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\main.exe"C:\Users\Admin\AppData\Local\Temp\main.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\onefile_2672_133690738974622000\main.exeC:\Users\Admin\AppData\Local\Temp\main.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
30.0MB
MD559d7b60a0bacbbf7384eb9da140a5855
SHA1ecaf3be4fca9613c43a03d9826a3cbbf74d5a182
SHA2560d158a3872cb11dd530dd0ab68d42e09aa61f2eb99a38a976d5a3298e4bfa6b3
SHA512e236973d69fec628d52b108e195f20845a46521a6a5a855470a7495cb24c765926f9fe36381dbf7678f81bc362a732dbe22a24e6c46c9054f92a6615680f543f
-
Filesize
5.5MB
MD55a5dd7cad8028097842b0afef45bfbcf
SHA1e247a2e460687c607253949c52ae2801ff35dc4a
SHA256a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce
SHA512e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858