cc428d1151b30144151da0e6094951c358e2cdba7fe484e2258e697d4cda865b | Triage

Analysis

max time kernel
27s
max time network
32s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
27-11-2022 07:46

Sharing

Report Analysis Logs

General

Target

cc428d1151b30144151da0e6094951c358e2cdba7fe484e2258e697d4cda865b.exe
Size

1.2MB
MD5

5485cb8c80b294875ebc8c8b375cb135
SHA1

d21d2cf24e174f3f2726fc3f638c099615f2cd2a
SHA256

cc428d1151b30144151da0e6094951c358e2cdba7fe484e2258e697d4cda865b
SHA512

f153da212ced0b0325918b1d0a7e9abfbe586bd5e26310aab97b7a942b6dffee610e6fd526112aadee5d871a2f7f96e4d6f856daf09537c003046667fef7a9e2
SSDEEP

24576:yKwZbSwdMTlhIax77F4PhCBIpw/omRzhuBOd4Bv948YaXaN2Uj:RwZuwdGAad7F4P+/omJoQd4zia22k

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\cc428d1151b30144151da0e6094951c358e2cdba7fe484e2258e697d4cda865b.exe
"C:\Users\Admin\AppData\Local\Temp\cc428d1151b30144151da0e6094951c358e2cdba7fe484e2258e697d4cda865b.exe"
1⤵
PID:1208

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1208-54-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1208-55-0x00000000753F1000-0x00000000753F3000-memory.dmp

Filesize
8KB

Download
memory/1208-56-0x0000000000240000-0x0000000000249000-memory.dmp

Filesize
36KB

Download
memory/1208-57-0x0000000004020000-0x000000000417C000-memory.dmp

Filesize
1.4MB

Download
memory/1208-58-0x0000000000240000-0x0000000000249000-memory.dmp

Filesize
36KB

Download