Analysis
- max time kernel: 14s
- max time network: 131s
- platform: windows10_x64
- resource: win10v20201028
- submitted: 08-11-2020 18:15
Static task: static1
Behavioral task: behavioral1
- Sample: 4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: 4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe
- Resource: win10v20201028
General
- Target: 4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe
- Size: 531KB
- MD5: f4ca6a96995babf43fc02715b793e8aa
- SHA1: ad81f636c55121f6d1e22bb90716030da64fbd15
- SHA256: 4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9
- SHA512: 1136751eb5c6b61390247e20b3bba61e351ae2ec1cdd97c694518f9a8d6c11399fca3d6705b0bbf256477ea9f8a14616c3dc665a4924d3026127537ca2497be9
Malware Config
Signatures
- Checks installed software on the system (1 TTPs)
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes:
  4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe
  pid  process
  576  4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe
  576  4f28df73dc04055cef9f6f6e0e35bd8d5d81db48c62f9df7104b491698b88ba9.exe