16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592

Analysis

max time kernel
28s
max time network
31s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
30/06/2023, 19:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Size

960KB
MD5

ca598d1217ee37e6e6b9a99abbc4c8a9
SHA1

b64716be8c71af701936f920a336b750ded83ff1
SHA256

16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592
SHA512

43c3bc319c1206c12f24e7fe64e66268de3181e9115df35fa79cf129b3dd36b0e93f3294e45f5915c7b6d963323bd1b614cb45721f2a1fb9f51a867757bd1dca
SSDEEP

12288:+3mO8/F7h5Lf6RUYSx05bkkr58xzzATM/Tv0rta0hP5kTjg2xWmA3zvaT3+yrlO:Jt9jf6RPPmxz8MLz0hBkHxWmA3eTuy8

Score

1^/10

Malware Config

Signatures

Modifies Control Panel 9 IoCs

evasion

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\iDate = "2"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\sTimeFormat = "HH:mm:ss"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\iTLZero = "1"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\iTimePrefix = "0"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\sTime = ":"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\sLongDate = "yyyy-MM-dd"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\sShortDate = "yyyy-MM-dd"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\sDate = "-"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1306246566-3334493410-3785284834-1000\Control Panel\International\iTime = "1"	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1740	16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe

C:\Users\Admin\AppData\Local\Temp\16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe
"C:\Users\Admin\AppData\Local\Temp\16a9e58be2c7dfad3a34d9b235ce91fdfd2682c0157d83fe4f3dd25edc66a592.exe"
1⤵
- Modifies Control Panel
- Suspicious behavior: EnumeratesProcesses
PID:1740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1740-54-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/1740-55-0x0000000000400000-0x00000000004F2000-memory.dmp

Filesize
968KB

Download