Analysis
max time kernel: 15s
max time network: 112s
platform: windows10_x64
resource: win10v20210408
submitted: 09-07-2021 11:16
Behavioral task: behavioral1
Sample: 715788fb520b3873db406fdf59521afa.exe
Resource: win7v20210410, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 715788fb520b3873db406fdf59521afa.exe
Resource: win10v20210408, windows10_x64
0 signatures
0 seconds
General
Target: 715788fb520b3873db406fdf59521afa.exe
Size: 160KB
MD5: 715788fb520b3873db406fdf59521afa
SHA1: 096e3741fd8babb84d433fa9ccb866b4fe0435e3
SHA256: dbe60153ede523dc838e9289aa0b43c5022c182b85396381b96b5d44c1698e27
SHA512: 74a88eba916b6da1dfb3365741df54cdcb7a4faf4029c53c0a39d28753ab674f55230d3aab9af9e4d9b1655adbe08739d9315d8aa9510768aedfebfa4c35c417
Score: 10/10
Malware Config
Signatures
Adds Run key to start application (2 TTPs, 2 IoCs)
Processes: 715788fb520b3873db406fdf59521afa.exe
description | ioc | process
Key created | \REGISTRY\USER\S-1-5-21-1594587808-2047097707-2163810515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ | 715788fb520b3873db406fdf59521afa.exe
Set value (str) | \REGISTRY\USER\S-1-5-21-1594587808-2047097707-2163810515-1000\Software\Microsoft\Windows\CurrentVersion\Run\sysWOW32 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\715788fb520b3873db406fdf59521afa.exe" | 715788fb520b3873db406fdf59521afa.exe
Drops file in System32 directory (1 IoCs)
Processes: 715788fb520b3873db406fdf59521afa.exe
description | ioc | process
File created | C:\Windows\System32\spool\drivers\color | 715788fb520b3873db406fdf59521afa.exe