b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2

Analysis

max time kernel
150s
max time network
153s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
11-10-2022 15:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe
Size

280KB
MD5

106cdda79e0bd35636b01f4a63e40180
SHA1

1428b509349a624554c866f9388329fb5edde645
SHA256

b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2
SHA512

965d162ea958cabe53f52914d6c1857cb0fb351a60bcef9879d8c1cc9436f1b5221eb2132e611909b384807198c073f54910537ba75a818fe6b13155123cd687
SSDEEP

3072:gBBALhmAHQVm6S93tSMjWqJelj3PzAfPZynRPdygvkmvRqlayfbHZMqXEb:OWntSMjFelT0fB04g8m5WHY

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe

C:\Users\Admin\AppData\Local\Temp\b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe
"C:\Users\Admin\AppData\Local\Temp\b1f8451ddaea34ecfd42522577abd107d13f7180cd1c7c0935bdd059d469a1b2.exe"
1⤵
- Checks processor information in registry
PID:2016

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads