Analysis

  • max time kernel
    105s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/01/2023, 02:34

General

  • Target

    68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615.exe

  • Size

    5.5MB

  • MD5

    f7d01887a78b0a733bb24ef02e60587e

  • SHA1

    feffef1c8bec053a3e4d2eae47392bafc902d3d4

  • SHA256

    68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615

  • SHA512

    2ca9f455fd19455ebc5b197fa46388e3324860601ecb92faaf1718258618e68a7a80b877d78becf912e2c9fd62144e184b7b802b07585ed55ffb80425578d4aa

  • SSDEEP

    98304:9KVqwunsy/L7pnEuTVHf+lRVhdYGTiv1LJbs2jkRgi0WAFj58EUlFM1oUd85ioHl:9AYsy/LFEAV/+vVL61NTw9ImEUAeUE

Score
7/10

Malware Config

Signatures

  • Identifies Wine through registry keys (2 TTPs, 1 IoCs)

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Processes

  • C:\Users\Admin\AppData\Local\Temp\68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615.exe
    "C:\Users\Admin\AppData\Local\Temp\68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615.exe"
    1⤵
    • Identifies Wine through registry keys
    PID:5016

Network

        MITRE ATT&CK Enterprise v6

        Downloads

        • memory/5016-132-0x0000000000400000-0x0000000001853000-memory.dmp

          Filesize

          20.3MB

        • memory/5016-133-0x00000000035B0000-0x00000000036AD000-memory.dmp

          Filesize

          1012KB