Analysis
max time kernel: 15s
max time network: 77s
platform: windows10_x64
resource: win10v20210408
submitted: 10-08-2021 07:00
Static task: static1
Behavioral task: behavioral1
Sample: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9.exe
Resource: win10v20210408, windows10_x64
0 signatures
0 seconds
General
Target: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9.exe
Size: 715KB
MD5: aa1f58cf90e2d02fd5914879c9f33788
SHA1: 9d32a90448f8b0574a471379cae2235ea3ae58fb
SHA256: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9
SHA512: 535720079a2142a5f535dd63985b76a7100bb9c83428a90840f628c370ec4be86e9ab38e1c83d19a9c8ffa6ce35d73287c4c7ea1a5da205cf4f2ae33c2c35eda
Score: 10/10
Malware Config
Signatures
suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
Legitimate hosting services abused for malware hosting/C2 (1 TTPs)
Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9.exe
description: Key opened
ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
process: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9.exe
description: Key value queried
ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
process: a6c92f108dfc3bc03271c640f80eeaf503e3f3326ab898b74fc96ccddea634e9.exe