d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342

Analysis

max time kernel
19s
max time network
45s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
25-11-2022 06:58

Target

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe
Size

42KB
MD5

a12fe6384aebd2d815398d144ea4bdff
SHA1

d0136bd0add532642187e00f83ac0571b54ef155
SHA256

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342
SHA512

db8c8ed15a019994c598f6bedf60e722101258e5e8751e0f5897f065b75c546f693ceae41089c3c82d1ec6d54d9e02bcf6a3ca0fda05d1bdb118c44ebd700ccc
SSDEEP

768:cEqB7NpOrQAlZvFEZMB1Vglq6KS7kqIC3UAvUW7RvSVytP1UP+bGwi4ki5OJK:cEqBaRZqln7bBE1QRveCPaPSG9zdK

Score

1^/10

Enumerates system info in registry 2 TTPs 1 IoCs

Query Registry

System Information Discovery

Processes:

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Identifier	d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

C:\Users\Admin\AppData\Local\Temp\d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe
"C:\Users\Admin\AppData\Local\Temp\d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe"
1⤵
- Enumerates system info in registry
PID:1120

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

memory/1120-54-0x0000000075291000-0x0000000075293000-memory.dmp

Filesize
8KB

Download
memory/1120-55-0x00000000001D0000-0x00000000001D7000-memory.dmp

Filesize
28KB

Download
memory/1120-56-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download
memory/1120-57-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download