acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f

Analysis

max time kernel
50s
max time network
68s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
03/10/2022, 20:56

Target

acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f.exe
Size

257KB
MD5

60cafeb9226319991843f8d2001626b0
SHA1

32ff876ac0196ce523b612b49a328f7f68ce3dc2
SHA256

acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f
SHA512

4f4607ce47225a1130179189f54ee0a38489f2381e07b6babc554e0ac6b980127564206d66893f5ea847aa29451f41754048c43e1ee381076d77786be82f9ab1
SSDEEP

6144:r03Ff+iUL1F3yWl1wmtFxV4UqTgIekCb4vs7PVznP51hzmEahpYLJHb:rQt+tL1F3yStFx2dTguO57P5P51ReOLZ

Score

6^/10

discovery

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\BarefootSpeed.job	acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f.exe

C:\Users\Admin\AppData\Local\Temp\acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f.exe
"C:\Users\Admin\AppData\Local\Temp\acb2e3481a5f54a81605c49fb97524d5b3fe4a96dd46c95859b52d028a75a70f.exe"
1⤵
- Drops file in Windows directory
PID:1048

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/1048-54-0x00000000753C1000-0x00000000753C3000-memory.dmp

Filesize
8KB

Download
memory/1048-55-0x0000000000260000-0x000000000028F000-memory.dmp

Filesize
188KB

Download
memory/1048-59-0x00000000002C0000-0x00000000002E7000-memory.dmp

Filesize
156KB

Download