Analysis
-
max time kernel
119s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
01-10-2024 19:29
General
-
Target
b0cdd339db7cce53f000570084d9a824744a58e882d72b0af69660813212ec24N.exe
-
Size
63KB
-
MD5
d9dd9947aee3f89f89375dbc0370a000
-
SHA1
c20d587b6ea34835881c7b17b1bbf3137c64f0c7
-
SHA256
b0cdd339db7cce53f000570084d9a824744a58e882d72b0af69660813212ec24
-
SHA512
f92786f12ef295f05569a01cb276d4509da450b7d64d690d5090650ed3ca59aa0b7c00f77774d04cbf05b09cbacfc8e967464d118b3c81596c309f7dd117ef66
-
SSDEEP
1536:lAo0ej2d6rnJwwvlKlIUBP6vghzwYu7vih9GueIh9j2IoHAjU+EmkcU+uhX2Lham:lAo1lOwvlKlXBP6vghzwYu7vih9GueI5
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in Windows directory 2 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b0cdd339db7cce53f000570084d9a824744a58e882d72b0af69660813212ec24N.exe"C:\Users\Admin\AppData\Local\Temp\b0cdd339db7cce53f000570084d9a824744a58e882d72b0af69660813212ec24N.exe"1⤵
- Adds Run key to start application
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\microsofthelp.exe"C:\Windows\microsofthelp.exe"2⤵
- Deletes itself
- Executes dropped EXE
- Drops file in Windows directory
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
MD589ae0db67f08fc36275bceafe0d31c7a
SHA1746a04758511576b1076d153f7a45dc5d9635351
SHA2563b362e4ddce855af8fe07862e3285fe9d5dbc7596658194da2ac119c7c6cd01d
SHA512530c75f2cffdca8e1e601958b91b9189a09189391cff16c80e5f74a127f83254d4f2a97bb81b69cd3f88018c993a5ee8165ee4460acd175d6e9339e4a3bd3cf2
-
Filesize
60KB
-
Filesize
60KB
-
Filesize
60KB
-
Filesize
60KB