f852c303a8940bf411ae88e4d03474de75b7de07964a287ba6491fd3cf545a22 | Triage

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
03-01-2025 20:24

Sharing

Report Analysis Logs

General

Target

wallet-finder.exe
Size

4.1MB
MD5

12c13fbc1cb91f08144e44c5ed0f350c
SHA1

accc1f7ea8be71ff2b5126d9c68d8b36a1be9afb
SHA256

ea802b3b7bb8e2c558e14d6a946231dfa0f22e746e622296ce60babd10511f9f
SHA512

c4f93dd2129ae77fd5810d623ec55f16448738bf7b4b324d4a4a5530ff4f0dbe639fb7c23d7216b96b08171f28e86852ee859b2cde3a12023b2c10555405fe91
SSDEEP

49152:/xGK0l3e3uHuDgMhX32D/jzt2yd6CWw2Krd+S5rVWgpTZ:/xGK09yuFZ

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 2296	2284	wallet-finder.exe	28
PID 2284 wrote to memory of 2296	2284	wallet-finder.exe	28
PID 2284 wrote to memory of 2296	2284	wallet-finder.exe	28

C:\Users\Admin\AppData\Local\Temp\wallet-finder.exe
"C:\Users\Admin\AppData\Local\Temp\wallet-finder.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2284
- C:\Users\Admin\AppData\Local\Temp\wallet-finder.exe
  C:\Users\Admin\AppData\Local\Temp\wallet-finder.exe
  2⤵
  PID:2296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads