6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7

Analysis

max time kernel
127s
max time network
179s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2022, 16:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7.exe
Size

33KB
MD5

1e085a1b35fb1668c9da5558680b7550
SHA1

705ade63a7c0e43d85bafea7c821814a256e54ff
SHA256

6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7
SHA512

b68cf46fc0e05cc587e6444067b88e79c3c9e150c8e1a1f4a22f9946d31764942591214c79d2a62e6252d0056798c45e226953971a301027cc41957185138a0e
SSDEEP

384:BjhSbFojJDNWdgUKaeKUcKZ9w7S+ihQmLypj56RV2LLvEDHQb0nuUTeRjzP+fXNH:BjdLUTb72hspVvTEDwAnpTeR/ANn4

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System = "C:\\Users\\Admin\\AppData\\Local\\Temp\\system.exe"	6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7.exe

C:\Users\Admin\AppData\Local\Temp\6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7.exe
"C:\Users\Admin\AppData\Local\Temp\6211cd626a2bd04bdadb8a710a2e41613c0441cdc528b15c0c09a1a583c213b7.exe"
1⤵
- Adds Run key to start application
PID:3532

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads