Overview

overview

6

Static

static

9ec33e69e8...5c.exe

windows7-x64

1

9ec33e69e8...5c.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    113s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 11:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ec33e69e8d18bd13d178e334965827242dda1c641e1c5f111ace0f04c82665c.exe

  • Size

    3.9MB

  • MD5

    2903125a28e46b2343def5127e607490

  • SHA1

    9b5f499f2fef57ce09e8d09e5c514f4012489533

  • SHA256

    9ec33e69e8d18bd13d178e334965827242dda1c641e1c5f111ace0f04c82665c

  • SHA512

    260138e1fb8dcac7d94d141bce7664efc80d8d77ad542081f2c3065b5910152d0fcc60a3ca9b113afc9c6863bd64d74682bdb25d023f30e80dba06359ab310b1

  • SSDEEP

    98304:rStjDMkXaYXedt6o3ezOFFkEy0H67a1Bf:cKYXat6o3ezp0a7anf

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\9ec33e69e8d18bd13d178e334965827242dda1c641e1c5f111ace0f04c82665c.exe
    "C:\Users\Admin\AppData\Local\Temp\9ec33e69e8d18bd13d178e334965827242dda1c641e1c5f111ace0f04c82665c.exe"
    1⤵
    • Adds Run key to start application
    PID:2992

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2992-132-0x0000000000400000-0x0000000000F24000-memory.dmp
    Filesize

    11.1MB

    Download
  • memory/2992-133-0x0000000000400000-0x0000000000F24000-memory.dmp
    Filesize

    11.1MB

    Download