Analysis

  • max time kernel
    142s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    17-11-2020 12:40

General

  • Target

    8fb2b079aaa14ae4127f5f8f0172f676.exe

  • Size

    531KB

  • MD5

    1f441c55752a4e958b4ccfbd65250f2b

  • SHA1

    cc747cbfcce12218b649d71df5a3a473605c53ea

  • SHA256

    7152c2373322cc603b18e28a90b5fe7be7e285ec96d34ea39aeaf07c4112758a

  • SHA512

    13b8c51506bc0c8d1c9ecedd184f6696fc4f59ebab1822197f22a7538546bebc936354226ba442fd73a8340de73f3d99d45183ad2eaa2663552adeaeb59964df

Score
6/10

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8fb2b079aaa14ae4127f5f8f0172f676.exe
    "C:\Users\Admin\AppData\Local\Temp\8fb2b079aaa14ae4127f5f8f0172f676.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1808

Network

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

1
T1012

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1408-0-0x000007FEF5D50000-0x000007FEF5FCA000-memory.dmp
    Filesize

    2.5MB