1da95e48e38bd56d459329fc236870448ab9483ec943d33c3f8064d8d89ce0e2 | Triage

Analysis

max time kernel
49s
max time network
47s
platform
windows7_x64
resource
win7-20220414-en
submitted
12-06-2022 23:51

Sharing

Report Analysis Logs

General

Target

1da95e48e38bd56d459329fc236870448ab9483ec943d33c3f8064d8d89ce0e2.exe
Size

282KB
MD5

2485c741af50de986079b6ad9b6c948a
SHA1

575651ded135bc2ca0afbd07f7f35ef1b0b72b7c
SHA256

1da95e48e38bd56d459329fc236870448ab9483ec943d33c3f8064d8d89ce0e2
SHA512

07efa4a38977416ca4769201d4229983c18bddee1427210eaeea8e646e37eaba2ef46d9dc524827786c92036c45392211aa78bc31ac873c72a9da19e79b7a1fc

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\1da95e48e38bd56d459329fc236870448ab9483ec943d33c3f8064d8d89ce0e2.exe
"C:\Users\Admin\AppData\Local\Temp\1da95e48e38bd56d459329fc236870448ab9483ec943d33c3f8064d8d89ce0e2.exe"
1⤵
PID:1900

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1900-54-0x0000000076011000-0x0000000076013000-memory.dmp

Filesize
8KB

Download
memory/1900-55-0x0000000000400000-0x0000000000461000-memory.dmp

Filesize
388KB

Download
memory/1900-57-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download
memory/1900-58-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download