ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab | Triage

Analysis

max time kernel
73s
max time network
69s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29-10-2022 10:20

Sharing

Report Analysis Logs

General

Target

ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe
Size

209KB
MD5

74fca464697b5816acfe9140ee387ecd
SHA1

98434a079e12d48a94a094ef04b9f31b153852f6
SHA256

ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab
SHA512

8e48a14b01e0aa72b25a1b2af7c66336d129728ea7e445a57ea95aa0393d4e5a67ff3434c26a2a9ca7524303fc06ff2f404fb9adfd0801289e9b31f724a6facf
SSDEEP

3072:dlHLFNuNLrSUkYSuS0G9YeKnvuGwODGfQq93g7mC7wCipC+fU/LEfwQC:dlHPuNXGnOpmC8PBUDgC

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe
"C:\Users\Admin\AppData\Local\Temp\ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe"
1⤵
PID:1928

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1928-54-0x0000000074AD1000-0x0000000074AD3000-memory.dmp

Filesize
8KB

Download
memory/1928-55-0x0000000000400000-0x0000000000488000-memory.dmp

Filesize
544KB

Download
memory/1928-58-0x0000000000220000-0x0000000000223000-memory.dmp

Filesize
12KB

Download