c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40

Analysis

max time kernel
82s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2022 18:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40.exe
Size

47KB
MD5

31966583103723da199f40976f1a5850
SHA1

556890b581ffae181aedaf059b8d08ab87979efc
SHA256

c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40
SHA512

3e1ffeadf8f8aec194dc1236fda272c1181122bb46be435757f7e50813a1f4a70622accd4ae7da40734a75bee1ac9270ff63f000e3f8ec43b9ac7dfc82517886
SSDEEP

768:vhf+6i5y7bZp6pUM6ajGN3CbQnIOR+oU9xT:vhfdiQlYpUMVoIxoU

Score

6^/10

Malware Config

Signatures

Enumerates connected drives 3 TTPs 2 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\A:	c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40.exe
File opened (read-only)	\??\B:	c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40.exe

C:\Users\Admin\AppData\Local\Temp\c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40.exe
"C:\Users\Admin\AppData\Local\Temp\c50b9467e34e7c36f56bf694c4a51df4d37678773ea810c29dc4618f3f8a4f40.exe"
1⤵
- Enumerates connected drives
PID:1456

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads