Analysis
-
max time kernel
95s -
max time network
141s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
22-12-2024 13:35
General
-
Target
isktuabvmv.exe
-
Size
6KB
-
MD5
4debf3d4be3833c81372eab33bcc8f99
-
SHA1
3c01f72309070804bda00f0545ba92dc32635d36
-
SHA256
a5a20c3c5c6a4882e770da52b1a8d498b39fdbf549bffa6b594566d7f26c99a5
-
SHA512
1418bc4717718a6f2fbbf738cde04509b5a8dcefe430b9be0dde97551248551f136e5d7649d8ef415ce67507cbb2c4c7b3ac29824f6abb611a4f658f46a74451
-
SSDEEP
96:BLdFF7rmlmOlmIYeFljSq1cD2V3pqjoZxRaLKC:xdFF7r7DIYejjSwqjoZXSK
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\isktuabvmv.exe"C:\Users\Admin\AppData\Local\Temp\isktuabvmv.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\isktuabvmv.exe"C:\Users\Admin\AppData\Local\Temp\isktuabvmv.exe"2⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3204 -s 6242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 3204 -ip 32041⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB