Analysis
max time kernel: 119s
max time network: 130s
platform: windows10_x64
resource: win10-en-20210920
submitted: 25-10-2021 07:35
Static task: static1
Behavioral task: behavioral1
Sample: 2723cd6a89d485c90618b99420873285.exe
Resource: win7-en-20211014, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 2723cd6a89d485c90618b99420873285.exe
Resource: win10-en-20210920, windows10_x64
0 signatures
0 seconds
General
Target: 2723cd6a89d485c90618b99420873285.exe
Size: 705KB
MD5: 2723cd6a89d485c90618b99420873285
SHA1: 8111dcfd12290dd39ce4baa3aed9ef705495187b
SHA256: 50d667296ecc8a26f57a74566a79145d69cda60f531dae565c13f2e8a8503aae
SHA512: 0e9c667dc0f717665b3a37df1fcdf69171c546a2f5b1c475b67a1e6f171f611ae6ef5f25dc4d72842000610c94457b10b9346a126220d002ead1caf51a7e6774
Score: 10/10
Malware Config
Signatures
-
suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes: 2723cd6a89d485c90618b99420873285.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | 2723cd6a89d485c90618b99420873285.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | 2723cd6a89d485c90618b99420873285.exe