Analysis
-
max time kernel
213s -
max time network
250s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
07-12-2022 04:02
General
-
Target
cca2a2f5f919dc4d2e6bb47cfad48b28d743e5144f82546eb724a10361a08063.exe
-
Size
144KB
-
MD5
043afc5357df72fb71c8bb9c06ec0f6f
-
SHA1
084eaf81be2c186fd52615717c558f49fe435433
-
SHA256
cca2a2f5f919dc4d2e6bb47cfad48b28d743e5144f82546eb724a10361a08063
-
SHA512
efd3f401d09baf6cef96acf5b2ac74fac3e8e9d11f99f4f6fbe409a59554e1796058ed68f81db8fd275b51c68b06da77a5f274ccb04396270f02a8b24e6538d2
-
SSDEEP
3072:GsnVVLLdeZAeDEyJ8aWTGausSDfl5t7TVpFFEMPn3FzBA:GOCl5euB55jrEMv/A
Score
6/10
Malware Config
Signatures
-
Maps connected drives based on registry 3 TTPs 2 IoCs
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cca2a2f5f919dc4d2e6bb47cfad48b28d743e5144f82546eb724a10361a08063.exe"C:\Users\Admin\AppData\Local\Temp\cca2a2f5f919dc4d2e6bb47cfad48b28d743e5144f82546eb724a10361a08063.exe"1⤵
- Maps connected drives based on registry
- Suspicious use of SetWindowsHookEx