Analysis

  • max time kernel
    90s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/10/2022, 09:01

General

  • Target

    04c35e32dd3f32a26f46531b8a20798e728ce0e3b09772445b38be1e0ea8a0a8.exe

  • Size

    503KB

  • MD5

    6b254235ac660b36aef74f2c67aae7c6

  • SHA1

    68d2fb85d56180bc193c39933cc6c5fbba736900

  • SHA256

    04c35e32dd3f32a26f46531b8a20798e728ce0e3b09772445b38be1e0ea8a0a8

  • SHA512

    fec29b24cd81c65a7cf08d762055328b5affb87de1146b75ea124a5495a3522bcaf59a8933c3f324ef759b9cc0ca087683405e7f0d8f64886ad2445b2a86a514

  • SSDEEP

    12288:i1bD2k4bRbte4n0bJJvWR7Wh4gshnrCcpc:i1bD2Bt0NJvWxWRshnr56

Score
10/10

Malware Config

Signatures

  • Modifies WinLogon for persistence (2 TTPs, 1 IoCs)
  • Drops file in System32 directory (19 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\04c35e32dd3f32a26f46531b8a20798e728ce0e3b09772445b38be1e0ea8a0a8.exe
    "C:\Users\Admin\AppData\Local\Temp\04c35e32dd3f32a26f46531b8a20798e728ce0e3b09772445b38be1e0ea8a0a8.exe"
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    PID:5068

Network

MITRE ATT&CK Enterprise v6
