Analysis

  • max time kernel
    1s
  • max time network
    6s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    20-09-2024 17:33

General

  • Target

    DoomRat.exe

  • Size

    12.1MB

  • MD5

    b6f21ecc31778ba2362958d1e5091759

  • SHA1

    613dbf4e682fe14b8617908113fc5c7ba05de16a

  • SHA256

    94bd1fa65b9ee3fe4be830326ebcd918609ee260797391d1af8aa4ac470cce3f

  • SHA512

    d5d842d520fa1a5a768b62e3d4945f7aa49aa3079c78843cc70eb2e87515dc228cd8bda2ecbe70d1cdb8a94630687cefe587ee6dfac93685cd9e17473040ac4d

  • SSDEEP

    393216:HGV2CSQhZ2YsHFUK2Jn1+TtIiFQS2NXNsI8VbTToP:KYQZ2YwUlJn1QtIm28IKzo

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DoomRat.exe
    "C:\Users\Admin\AppData\Local\Temp\DoomRat.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Users\Admin\AppData\Local\Temp\DoomRat.exe
      "C:\Users\Admin\AppData\Local\Temp\DoomRat.exe"
      2⤵
        PID:2588

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI29922\ucrtbase.dll

      Filesize

      320KB

      MD5

      b8331536bf51ba61211ca35490bc6158

      SHA1

      163e530da5870c1ea073a2cb091168aeb279edf7

      SHA256

      3e69f09acfedf74a126f8906b12d71a9077bf21bec3aef000dc8a7650990ce5e

      SHA512

      c1f864c4569d33177ab9383f09e515754395db076f0355970210ceee8c4eb98f27d251929e489defb725a622f9011c95176cfd4093403eacdef03c0c8fa61a3c