6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18

Analysis

max time kernel
43s
max time network
48s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
06/11/2022, 22:41

Target

6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18.exe
Size

217KB
MD5

0df6c359c3baa5f6af18305955b55020
SHA1

fc07b335d530945ef3c3354732b7fffb9fd0aa7f
SHA256

6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18
SHA512

d3c48c1e8e2520cf54663e3be1ede7e8ddbec4be00136360a25c0f766fd026ec3123f5fe722ee384d7ee9615526a57e2c79418b0ca59635cba1f6a09b9d66400
SSDEEP

3072:LsV8i13EoMbBQrSnFQQU4nH7L41sgyjYzpX1XYIK6GicgVCvOKULQakgvPvrJTXo:4WidEp1QrlSH/o5FrK0TVrKUMakgNbo

Score

6^/10

discovery

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\FlavorFavors.job	6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18.exe

C:\Users\Admin\AppData\Local\Temp\6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18.exe
"C:\Users\Admin\AppData\Local\Temp\6ccf11364ad6ed3e5c1f00d57cb0a980265ee52b88cb5e4cfa56f7bb6f723b18.exe"
1⤵
- Drops file in Windows directory
PID:2016

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/2016-54-0x0000000075A71000-0x0000000075A73000-memory.dmp

Filesize
8KB

Download
memory/2016-55-0x0000000000230000-0x000000000025F000-memory.dmp

Filesize
188KB

Download