Analysis
max time kernel: 122s
max time network: 125s
platform: windows10_x64
resource: win10-en-20211104
submitted: 25-11-2021 16:45
Static task: static1
Behavioral task: behavioral1
Sample: d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171.exe
General
Target: d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171.exe
Size: 664KB
MD5: bc1c7eabdc6eaec6b90bc7a5845eee70
SHA1: 74f55212186fe5180581bb7b2d453c55f8ac7d8b
SHA256: d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171
SHA512: a40a6fa5d637c9d26f1c6ff17a7eeb6067887fc6c11e60d02c943fdb8b5a03a69fa8f302dd51d1afa67d6103b1ab2e8a19b7e43d00ecad9cb6d796c2b959b833
Score: 6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2 (1 TTPs)
Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes:
d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | d0a8ef4f8e381f6bd348755f19020ee37dc87db6b587d6a43930dab06c866171.exe