c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5

Analysis

max time kernel
72s
max time network
115s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
31/10/2022, 00:44

Target

c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5.exe
Size

350KB
MD5

a10dda35f2ae38c5904016e41ba0e300
SHA1

9cedc92e0890c1dff769749adaa2028589bbb560
SHA256

c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5
SHA512

efc5de2bc4694422c6fd4ebacedd5506fc5702d53dc68ead352ecfc8ee3ad1c2c0006498544eb0f00e530a03d4e09f103bc4f40d7f245e7663077580634516fe
SSDEEP

6144:kg5xl47xKsG5n0jI22am0/oIXyrGM81FEJkQebQ5VHCSV:kgflYIByoIirhmF/g5ViSV

Score

6^/10

discovery

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\TuneInPro.job	c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5.exe

C:\Users\Admin\AppData\Local\Temp\c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5.exe
"C:\Users\Admin\AppData\Local\Temp\c9234e63613c27f4db450c0bf7d3326954a3c3b827c28c4603cfe44a4f4d15b5.exe"
1⤵
- Drops file in Windows directory
PID:2016

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/2016-54-0x0000000076711000-0x0000000076713000-memory.dmp

Filesize
8KB

Download
memory/2016-55-0x0000000000290000-0x00000000002BF000-memory.dmp

Filesize
188KB

Download