Analysis
-
max time kernel
89s -
max time network
100s -
platform
windows11-21h2_x64 -
resource
win11-20240611-en -
resource tags
-
submitted
27-06-2024 16:33
General
-
Target
Setup.exe
-
Size
50.0MB
-
MD5
176ca85e355951d13c5fcf56265adf1b
-
SHA1
0c4462f639b99404b7b8572b0081699f48852039
-
SHA256
6867e6620458e628fb77a72d15bf51d50136a49fe3103d818737faf8d3870f3e
-
SHA512
97b776b784821670f07b5faa4497158b8f7b6b35f86039926e2a472dfcf39d21ca80f8b7fb0f77a4e441b65ef8d51145be7010868190f2fff50cb56d3fe40931
-
SSDEEP
393216:PkfR0eh8xI7rPx5I5D8qB1JsbD3rn2Uk:cfR0eh/7rPx5I5D8qqP7
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of WriteProcessMemory 5 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Setup.exe"C:\Users\Admin\AppData\Local\Temp\Setup.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeC:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/912-2-0x00007FF743750000-0x00007FF746A54000-memory.dmpFilesize
51.0MB
-
memory/912-8-0x00007FF743750000-0x00007FF746A54000-memory.dmpFilesize
51.0MB
-
memory/912-10-0x00007FF743750000-0x00007FF746A54000-memory.dmpFilesize
51.0MB
-
memory/3008-5-0x0000000000580000-0x00000000005D8000-memory.dmpFilesize
352KB
-
memory/3008-7-0x0000000000580000-0x00000000005D8000-memory.dmpFilesize
352KB
-
memory/3008-9-0x0000000000580000-0x00000000005D8000-memory.dmpFilesize
352KB