Analysis

  • max time kernel
    136s
  • max time network
    168s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04/12/2022, 04:07

General

  • Target

    ee7dbbe1aa26b32d2cf5a9b89e5c460053837d3c4a2ef6399bd2d7e7b247aa69.exe

  • Size

    1.3MB

  • MD5

    cd42cf15b10af27494d5ba716127c7ae

  • SHA1

    efc067eb5b4151a67c2ccadf9b1edbbd5fe94209

  • SHA256

    ee7dbbe1aa26b32d2cf5a9b89e5c460053837d3c4a2ef6399bd2d7e7b247aa69

  • SHA512

    b5eb9de14b2d7b4e857fd0434bb13459e88578756241c3d5d8a8432dbd848ea3e9bb5586569a94d8faa6464df6b7246eb000327eed11a28e03f43fdab14fac0e

  • SSDEEP

    24576:bBxxVy1PMJI9knet1ruD0TuCMwAMi+2whlh2c5SSCtfguRVQ1RoZ6CeVuG42uxv9:bBZy1P+ne3ruD0TMMywlh2cNigcm1+yw

Score
7/10

Malware Config

Signatures

  • Identifies Wine through registry keys (2 TTPs, 1 IoCs)

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ee7dbbe1aa26b32d2cf5a9b89e5c460053837d3c4a2ef6399bd2d7e7b247aa69.exe
    "C:\Users\Admin\AppData\Local\Temp\ee7dbbe1aa26b32d2cf5a9b89e5c460053837d3c4a2ef6399bd2d7e7b247aa69.exe"
    • Identifies Wine through registry keys
    PID:2252

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/2252-132-0x0000000000400000-0x00000000006D9000-memory.dmp

    Filesize

    2.8MB