Analysis

  • max time kernel
    47s
  • max time network
    52s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    23/11/2022, 22:06

General

  • Target

    c0be9bd3d5916c8e677e09c862ebde4c2262e15cf4bf959b73ad04b1870f226c.exe

  • Size

    213KB

  • MD5

    52d4fce190982f112a3aebd5ed952e30

  • SHA1

    14bdd4153357614a33ac1e8cde06b433e7f33602

  • SHA256

    c0be9bd3d5916c8e677e09c862ebde4c2262e15cf4bf959b73ad04b1870f226c

  • SHA512

    0ce6fa67a73c4ce89fc976724033e510c1da2b9c8c84c09bc45877387870e978ec7610a7d4492a6a07f0b3b552b51a6d69776d7655e28e25b70694819bac63f8

  • SSDEEP

    1536:Zbx40wnxEYkUplDKzwh/6hXwCApR39JDKt:lx4vxE03DKzwhSuCAp19l

Score
7/10

Malware Config

Signatures

  • Identifies Wine through registry keys (2 TTPs, 1 IoCs)

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Processes

  • C:\Users\Admin\AppData\Local\Temp\c0be9bd3d5916c8e677e09c862ebde4c2262e15cf4bf959b73ad04b1870f226c.exe
    "C:\Users\Admin\AppData\Local\Temp\c0be9bd3d5916c8e677e09c862ebde4c2262e15cf4bf959b73ad04b1870f226c.exe"
    • Identifies Wine through registry keys
    PID:1204

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1204-54-0x0000000074DE1000-0x0000000074DE3000-memory.dmp

    Filesize

    8KB

  • memory/1204-55-0x0000000000400000-0x0000000000439000-memory.dmp

    Filesize

    228KB