Analysis
-
max time kernel
140s
-
max time network
133s
-
platform
windows10-2004_x64
-
resource
win10v2004-20240611-en
-
resource tags
arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
-
submitted
01-07-2024 03:41
Static task
static1
Behavioral task
behavioral1
Sample
Win32.exe
Resource
win7-20231129-en
3 signatures
150 seconds
General
-
Target
Win32.exe
-
Size
1.2MB
-
MD5
01c13144ea9d9728500dc6c067bab899
-
SHA1
49b22529fec0c372b08e2afe67eccde13b3ab6cc
-
SHA256
eb846bb491bea698b99eab80d58fd1f2530b0c1ee5588f7ea02ce0ce209ddb60
-
SHA512
c05cff167a896ceddb55ab7070301f815f5e4f690e046e30ca6b4381f375ce579d516a70c41b750710e73524d3d092dc9de871cb43be2efc565fd753db2fc2b6
-
SSDEEP
12288:eQnGcWctmPF319Ib4k24VdTl2ZYFphgIShQuSGDkDFuyjldrB:ecjZtmN7jOVdB2ZYFpqhhoGYDFuol
Malware Config
Signatures
-
Detects VSingle payload 4 IoCs
Processes:
resource    yara_rule
behavioral2/memory/3944-2-0x0000000001410000-0x0000000001447000-memory.dmp    family_vsingle
behavioral2/memory/3944-1-0x0000000001020000-0x0000000001051000-memory.dmp    family_vsingle
behavioral2/memory/3944-5-0x0000000001410000-0x0000000001447000-memory.dmp    family_vsingle
behavioral2/memory/3944-6-0x0000000001410000-0x0000000001447000-memory.dmp    family_vsingle
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Win32.exe
description    pid    process    target process
PID 4124 wrote to memory of 3944    4124    Win32.exe    Explorer.exe
PID 4124 wrote to memory of 3944    4124    Win32.exe    Explorer.exe
PID 4124 wrote to memory of 3944    4124    Win32.exe    Explorer.exe
PID 4124 wrote to memory of 3944    4124    Win32.exe    Explorer.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/3944-2-0x0000000001410000-0x0000000001447000-memory.dmp
Filesize
220KB
-
memory/3944-1-0x0000000001020000-0x0000000001051000-memory.dmp
Filesize
196KB
-
memory/3944-5-0x0000000001410000-0x0000000001447000-memory.dmp
Filesize
220KB
-
memory/3944-6-0x0000000001410000-0x0000000001447000-memory.dmp
Filesize
220KB
-
memory/4124-0-0x0000000002110000-0x0000000002117000-memory.dmp
Filesize
28KB