Analysis
- max time kernel: 71s
- max time network: 139s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 31/10/2022, 22:52
Static task: static1
Behavioral task: behavioral1
- Sample: a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe
- Resource: win10v2004-20220812-en
General
- Target: a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe
- Size: 5.4MB
- MD5: 1309d4867486ca398296138c3b7a1251
- SHA1: 07a90bb669de0568a8215c26b4e8c11192f5004d
- SHA256: a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e
- SHA512: 26e50ea91f91cb2d44dd9d46de4432940abe184806783a3015df17dfd961d4acc9c684d79a5322ef0feaaf0c37fedab10e3b4da4d3b9f172d84480ab3fda491a
- SSDEEP: 98304:52LV6eaSLm/cR94IXsYmVG0VqK4yXmJqyd2R4gcL9d6k8Zjscs:52vaLcR9BXsYIGKqqXmkr4gcrQjscs
Malware Config
Signatures
- Checks processor information in registry (2 TTPs, 2 IoCs)
  Processor information is often read in order to detect sandboxing environments.

  | description | ioc | process |
  |---|---|---|
  | Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe |
  | Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe |