Overview

overview

8

Static

static

8

transcript.htm.scr

windows7_x64

8

transcript.htm.scr

windows10-2004_x64

8

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    07-07-2022 05:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    transcript.htm.scr

  • Size

    57KB

  • MD5

    0ebbdd8d4d9714d893ea8f217cb38a65

  • SHA1

    97d6498ea7548c2624b258705c8ad7c51d5ac252

  • SHA256

    30aea209f4c83a228967568b2b20b36eb2e6ed6901f15bd5daacb485f51b0573

  • SHA512

    6b8e3a79887335c7c8dc01fef3931882674179024e776c0c16df8c80c602a30e05ca164d633b7dcddd07c919775b1efd9c89332a54e1cabb3ab800a24dea3965

Score
8/10
persistenceupx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in Windows directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\transcript.htm.scr
    "C:\Users\Admin\AppData\Local\Temp\transcript.htm.scr" /S
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    PID:1356

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1356-54-0x0000000076191000-0x0000000076193000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1356-55-0x0000000000800000-0x000000000080D000-memory.dmp
    Filesize

    52KB

    Download