Analysis Overview
SHA256
a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e
Threat Level: No (potentially) malicious behavior was detected
The file a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2022-10-31 22:52
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2022-10-31 22:52
Reported
2022-10-31 22:55
Platform
win10v2004-20220812-en
Max time kernel
71s
Max time network
139s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe
"C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe"
Network
| Country | Destination | Domain | Proto |
| NL | 95.101.78.106:80 | | tcp |
| NL | 95.101.78.106:80 | | tcp |
| DE | 51.116.253.168:443 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 93.184.220.29:80 | | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2022-10-31 22:52
Reported
2022-10-31 22:55
Platform
win7-20220901-en
Max time kernel
48s
Max time network
52s
Command Line
Signatures
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe
"C:\Users\Admin\AppData\Local\Temp\a1a7ac49387ea0ed557abbb3ba3a9e56c963deedb6ae37dbff3a4903c4ab4a0e.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x1f4
Network
Files
memory/1552-54-0x0000000075681000-0x0000000075683000-memory.dmp