7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa

Analysis

max time kernel
151s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 10:18

Target

7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa.exe
Size

29KB
MD5

4498e759c9877d66e9f8e81ca35af520
SHA1

514913d2390c0581914e5d475bce557b3f3cf37e
SHA256

7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa
SHA512

f5379d6670a8747cfdd98190d136903513a04a291cc82ca2b422fa52dc33992f04256955d9fdb3b6b87ea8db520fee5bbe1b62effae49a8d59594273e6d03c68
SSDEEP

384:D+jO39tjAoCP1fwGWawP1eeoO9Obud+trPVnNYJLPGCx:D+jOttjAos4tNnqrPVn4LXx

Score

1^/10

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa.exe

C:\Users\Admin\AppData\Local\Temp\7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa.exe
"C:\Users\Admin\AppData\Local\Temp\7e38eb64a9ba959c9d0c1d443ac78dbaa722329d943c645268b385c4ffb2b2aa.exe"
1⤵
- Checks processor information in registry
PID:1692

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact