Analysis
- max time kernel: 88s
- max time network: 130s
- platform: windows10-2004_x64
- resource: win10v2004-20220901-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 03-12-2022 04:53
Static task: static1
Behavioral task: behavioral1
  Sample: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
  Resource: win10v2004-20220901-en
General
- Target: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
- Size: 841KB
- MD5: 5725decdb18c79f27a032e279cd984bc
- SHA1: 01154e4dadad43d5112c37bd609bdc58acc4f6c6
- SHA256: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b
- SHA512: a47d042c7731be8f43598fdf22ebff9df1f5db791bd2ebd423f1e532d2291ef472e57b7d883c78d23cc089ec73035150a43978ce828376b548d6846da059c969
- SSDEEP: 24576:5O/JS1kUo4A4dv0djeIfO7oNUcpeqqZmudmg:5CBUo14V8jhUCBqZmuwg
Malware Config
Signatures
- Identifies Wine through registry keys (2 TTPs, 1 IoCs)
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
  Processes: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
    description: Key opened
    ioc: \REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Wine
    process: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
- memory/1772-132-0x0000000000400000-0x000000000065A000-memory.dmp
  Filesize: 2.4MB