Analysis

  • max time kernel
    87s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/06/2023, 18:03

General

  • Target

    Cleanup.exe

  • Size

    432KB

  • MD5

    12f98e1ad522bc705b80f4a1f7377915

  • SHA1

    1b5a64b94096269a19a76a2ea7068aa4d4ae74e4

  • SHA256

    4cf76aa17531e190c9d7e34c3d8a4d7466386daf3f94d8126afa2841a091a6b4

  • SHA512

    b035d75b03bed2cce5ea30bd56a7403fe29f1bc3895433a814f4253be30d8d7f4aeb78d89b61c3babf80135b3f70bf214bdbe50b35f2856fce4ca745b47eea6c

  • SSDEEP

    6144:KT/uHlTFxbAisqTi7uBCAieWgDg9XX4oyt4J:UuH5z3rBCAlWg0p/ymJ

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives (3 TTPs, 22 IoCs)

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Cleanup.exe
    "C:\Users\Admin\AppData\Local\Temp\Cleanup.exe"
    • Enumerates connected drives
    • Suspicious use of SetWindowsHookEx
    PID:748

Network

        MITRE ATT&CK Enterprise v6