7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809

Analysis

max time kernel
47s
max time network
53s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
20-10-2022 13:32

Target

7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809.exe
Size

347KB
MD5

96ebd19d648aa61443e15bece95f4aa2
SHA1

ac10e7ba8f2370b607384d7093583d5b78de8dd7
SHA256

7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809
SHA512

408540fb4ae78bc6df27fc4236116484bbbd70990a23e81b307de6ad7ecb3e2b6820513af4380c997c139076d203eada47b7a4ece80f3bed7c4d2f30b9f2b69e
SSDEEP

6144:VbITsx8ujG8t0IHeympDduFHu9q8I1hAc41Cub/a8HeINB5MVm/zSsU:awZjjmpDdkHp71hMCuJHeINBwq2sU

Score

6^/10

discovery

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\QuickRecipe.job	7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809.exe

C:\Users\Admin\AppData\Local\Temp\7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809.exe
"C:\Users\Admin\AppData\Local\Temp\7f827940f29033290208b34c2502f58f58e89ed44df2c684206e71d8e06ff809.exe"
1⤵
- Drops file in Windows directory
PID:1140

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/1140-54-0x0000000075091000-0x0000000075093000-memory.dmp

Filesize
8KB

Download
memory/1140-55-0x0000000000390000-0x00000000003BF000-memory.dmp

Filesize
188KB

Download