82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3

Analysis

max time kernel
187s
max time network
194s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
01/10/2022, 18:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe
Size

971KB
MD5

607d8ef0908015a0d3c553b2afec7d58
SHA1

836e4edb5be32f0b95efc46f2d3576b642e77f6e
SHA256

82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3
SHA512

eef17fc075eafdc24c725906aa7ab9e860eab99e31942d0d50ed3e698eeb042f21a727ad5b83f5c7dabc95e1845008dd420a39ef2e8418c52dabd6b68f282af5
SSDEEP

24576:eAJYh+PigHXVuBBWXNsl017clfdKAB32mjqTFNTPHCZDnv51ivC:eAi+Pi80CXNC01gFMS3RjqnTPw94vC

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Update1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe"	82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\5E-AE-84-11-33-78\BNE.exe	82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe

C:\Users\Admin\AppData\Local\Temp\82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe
"C:\Users\Admin\AppData\Local\Temp\82254e80ed7ee894e79048cc80b06bd985e15304b47b32d7181f55e59fd20cd3.exe"
1⤵
- Adds Run key to start application
- Drops file in System32 directory
PID:3440

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads