Overview

overview

8

Static

static

cd86717ae3...c0.exe

windows7-x64

8

cd86717ae3...c0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/12/2022, 12:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    cd86717ae3551cc6aa16a7c149af6b3b27125538015af7c7a4502882cee138c0.exe

  • Size

    412KB

  • MD5

    daba3d3b126030a50f007189f1e14e7a

  • SHA1

    a43808350b8e80b104f17e3b2ee37d8966d3ba57

  • SHA256

    cd86717ae3551cc6aa16a7c149af6b3b27125538015af7c7a4502882cee138c0

  • SHA512

    06460ca0ab18fb32c34aa499226fa73550859bbb10817730e08d9744a9270bb7d14100ef25574a09859fea5893fb8165662add87db3818ee3d3ed32c20be1ef6

  • SSDEEP

    6144:f2JhcuSp6IppqRbqWmlnhId0rA/4XZnGp61+2hu5bvYShiUAAvXQIQNlP6hM:f2E0ILqRWWyh5zXBIv1HQPPqM

Score
8/10
evasion

Malware Config

Signatures

  • Modifies Windows Firewall 1 TTPs 1 IoCs
    evasion
  • Runs net.exe
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cd86717ae3551cc6aa16a7c149af6b3b27125538015af7c7a4502882cee138c0.exe
    "C:\Users\Admin\AppData\Local\Temp\cd86717ae3551cc6aa16a7c149af6b3b27125538015af7c7a4502882cee138c0.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4152
    • C:\Windows\SysWOW64\net.exe
      net stop alg
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4924
      • C:\Windows\SysWOW64\net1.exe
        C:\Windows\system32\net1 stop alg
        3⤵
          PID:5080
      • C:\Windows\SysWOW64\netsh.exe
        netsh firewall set opmode disable
        2⤵
        • Modifies Windows Firewall
        PID:4844

    Network

          MITRE ATT&CK Enterprise v6

          Replay Monitor

          Loading Replay Monitor...

          Downloads