09af792208641417d02d764a8b97d92c3c1b40638143d5224c0f6b36f5579a29

Analysis

max time kernel
7s
max time network
139s
platform
windows7_x64
resource
win7v20201028
submitted
01-12-2020 16:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

rhJ1fu67.exe
Size

14KB
MD5

8a04ad50879e7d1e48165d780410466a
SHA1

7a1f12906e4cbd4f3a586c838473d7ce6ac37969
SHA256

09af792208641417d02d764a8b97d92c3c1b40638143d5224c0f6b36f5579a29
SHA512

8bbb17c7f92abdc039e7a925ddebfe539b4dab2d7962447b35d0123dcb022a4f6cee57d7c0225de06876856833ea9d0bf32132ec855bcb71ca09fe9fbc6d33e0

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

rhJ1fu67.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0	rhJ1fu67.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	rhJ1fu67.exe

C:\Users\Admin\AppData\Local\Temp\rhJ1fu67.exe
"C:\Users\Admin\AppData\Local\Temp\rhJ1fu67.exe"
1⤵
- Checks processor information in registry
PID:2028

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads