993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391 | Triage

Resubmissions

20/09/2023, 08:26

230920-kbzlnsfa7y 10

02/05/2022, 15:03

220502-se8mraffb7 10

Analysis

max time kernel
148s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
02/05/2022, 15:03

Sharing

Report Analysis Logs

General

Target

993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe
Size

651KB
MD5

7385a5ddf4b7801cfdf4b4a247ab7837
SHA1

bddc2c8163e976c01be0147f4d5bd32f6e344188
SHA256

993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391
SHA512

02cb71a1f06aeee9a1ef19261b85986bd1dccb29a224e38b26125c98f2adab05d75f17af28f97c98423178a950db23cd9a2530c75cfee2f87f04c0fad3993ec3

Score

8^/10

evasion

Malware Config

Signatures

Disables Task Manager via registry modification
evasion

Drops desktop.ini file(s) 2 IoCs

description	ioc	Process
File created	C:\Windows\assembly\Desktop.ini	993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe
File opened for modification	C:\Windows\assembly\Desktop.ini	993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe

Drops file in Windows directory 3 IoCs

description	ioc	Process
File opened for modification	C:\Windows\assembly	993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe
File created	C:\Windows\assembly\Desktop.ini	993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe
File opened for modification	C:\Windows\assembly\Desktop.ini	993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe

C:\Users\Admin\AppData\Local\Temp\993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe
"C:\Users\Admin\AppData\Local\Temp\993778c3b7b066778aabbbf4c110d8a965e83394c6358b5655ee4cdbb3996391.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Windows directory
PID:2448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads