aff3e08b50336ce6a1cfe39c45d32d918dc6f190662aef666addb193f44d47a8

Analysis

max time kernel
117s
max time network
124s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
22/03/2025, 06:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

76c8afc286159014532e7a6a66114eeb.exe
Size

18KB
MD5

76c8afc286159014532e7a6a66114eeb
SHA1

1734c6e854189262fa527b79c7e9c766f83643c6
SHA256

a3e07362695d2d682d335504a20078daa14d31b4b3388f4f357cbc0df4114fee
SHA512

501e0fe5c024a8155616c3bdb5925e764f7065778b7dc9303d1e7858948c4404d8db236a76f9bba0c85104c1454f3aa8caf7928bed093c454dcc666a7f0d63fd
SSDEEP

384:1xJJ5sC/dMKASq7RZrEhglO2x4hmETkK6aHv+O:1xJJlrAZR1Ehglhx4TTp

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2388 wrote to memory of 2360	2388	76c8afc286159014532e7a6a66114eeb.exe	32
PID 2388 wrote to memory of 2360	2388	76c8afc286159014532e7a6a66114eeb.exe	32
PID 2388 wrote to memory of 2360	2388	76c8afc286159014532e7a6a66114eeb.exe	32
PID 2360 wrote to memory of 1964	2360	csc.exe	33
PID 2360 wrote to memory of 1964	2360	csc.exe	33
PID 2360 wrote to memory of 1964	2360	csc.exe	33

C:\Users\Admin\AppData\Local\Temp\76c8afc286159014532e7a6a66114eeb.exe
"C:\Users\Admin\AppData\Local\Temp\76c8afc286159014532e7a6a66114eeb.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2388
- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
  "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\b4mltywh\b4mltywh.cmdline"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2360
- - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESE7D0.tmp" "c:\Users\Admin\AppData\Local\Temp\CSC9053E890EF29475582AF946B407A40A8.TMP"
    3⤵
    PID:1964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\RESE7D0.tmp

Filesize
1KB

MD5
15adb1ab974b5a7d3285357e4310ec8b

SHA1
d180a65cae78b2eba6a2119b1501ee7fded67312

SHA256
ece73bbd0b041cc0c1300ff2c0636d65df979f58d7b3a7360ecd0ce2ffdf31ee

SHA512
f9cdeff68f89c191a5e1f59c7c6901aeb76b77cfa3ec2cb5df3a92b646c5e694026ef9e7d0b7043291dfdfd05938fc98358158577b72bd7c1723ff3af04a114c

Download Submit
C:\Users\Admin\AppData\Local\Temp\cd9a4813-a7d0-4e0c-bc05-5c012227a369.exe

Filesize
18KB

MD5
79f17c5fdad3d3ec55592d1f23483fbf

SHA1
4ca9cd185a15d0857b23145bdca6575e86681597

SHA256
75dc72f2f81f6950f02f07b5dbcfb219368b4742fe6668232190aa26c8c50dea

SHA512
8824a549c7eff235a6b06e1769f3d549bf50f8158035c08458b238c7a4eb2778fd00be6c7bdf6b6cd64480236de3281ce50a5762b9ceaac31cbc9fd26112f61b

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\CSC9053E890EF29475582AF946B407A40A8.TMP

Filesize
1KB

MD5
ec5791e7a5b9efad99bd60a29bc455a9

SHA1
88ce226a0c9ac45d695632875bc18bc6f21f72cf

SHA256
72b5f464de06ff13091730e5ad2e392329ffcdfbbf919c32873953c36d728b04

SHA512
6b8ba756894e13a871e2f195c40764147b01189efe0ae025c26602f786d3e6a4b1878e8e14e668a42ccb93de1041790e5e65ec203fadcd56ed9c089199d682f6

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\b4mltywh\b4mltywh.0.cs

Filesize
41KB

MD5
b7149e383a8ae512d9fd198ad7eb7392

SHA1
e4f54d8f950fc03b422c2ec21dc980823cf5afdd

SHA256
f04d5678fa5d512a60ea17c368a21ced3510fe5eae9decd4161c1dbd903c4302

SHA512
74543dec01760b61b91b1572bdd81a3fc46345bef57378d5012fdc93ac965396d6a6918c42d9eefbcb63c5d30c289d9748ed4993ee3cddb84e73129047401171

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\b4mltywh\b4mltywh.cmdline

Filesize
377B

MD5
c335a54abfa0877e5d90bd2c61b231e3

SHA1
704c7da668049b360bf59c949dc12ac70a20fd37

SHA256
3c2564cdec756db003a6d0c73148b314d139458b13b86fbef8facc9c77948995

SHA512
a1edbe53ef89ff2112ed24ac052533bc52101e34e8936062c1599a82dc560193b172a9378bdb164d76bde00fb746ffe9dddb1ab1ac0b8bde3a5ee8eca2ff064f

Download Submit
memory/2388-0-0x000007FEF5DC3000-0x000007FEF5DC4000-memory.dmp

Filesize
4KB

Download
memory/2388-1-0x0000000000E20000-0x0000000000E2A000-memory.dmp

Filesize
40KB

Download
memory/2388-3-0x000007FEF5DC0000-0x000007FEF67AC000-memory.dmp

Filesize
9.9MB

Download
memory/2388-16-0x0000000000420000-0x000000000042A000-memory.dmp

Filesize
40KB

Download
memory/2388-18-0x000007FEF5DC3000-0x000007FEF5DC4000-memory.dmp

Filesize
4KB

Download
memory/2388-19-0x000007FEF5DC0000-0x000007FEF67AC000-memory.dmp

Filesize
9.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads