Analysis

  • max time kernel
    36s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    04-12-2022 14:14

General

  • Target

    af040199438743146a6b549b6f3588906a7d2d36d8a145584186c82c55e00d3c.exe

  • Size

    3.7MB

  • MD5

    5a69fea78966377a0affcdfd7beaa003

  • SHA1

    adf89120cd04aa52b5fd5812b44368b926e78a45

  • SHA256

    af040199438743146a6b549b6f3588906a7d2d36d8a145584186c82c55e00d3c

  • SHA512

    f47d65f9e61dcd5f87decc4f99331d9f123b3f8e4ebd9b95e628c202cbdff397864e86ef4a8530e7ec4705b96b91a4da14914ede82865b5c6dbb26a33afaab3a

  • SSDEEP

    49152:2nGjOjhrl7PsZ7sgJuBRkatiO+QeWBMrF0QD3I+y3OZJTSwvcTI9f/3rLrKxPKTp:A2Ojhli7fJuBRkatiO+bW2JUuGZKt

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\af040199438743146a6b549b6f3588906a7d2d36d8a145584186c82c55e00d3c.exe
    "C:\Users\Admin\AppData\Local\Temp\af040199438743146a6b549b6f3588906a7d2d36d8a145584186c82c55e00d3c.exe"
    1⤵
    • Checks processor information in registry
    PID:1708
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x450
    1⤵
      PID:1496

    Network

    MITRE ATT&CK Enterprise v6

    Downloads

    • memory/1708-54-0x0000000075451000-0x0000000075453000-memory.dmp

      Filesize

      8KB