08dabffac926db1c3843b169485a0c70d93aef07e482650d37ad23d04d2fa2e0 | Triage

Analysis

max time kernel
1s
max time network
36s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2023, 10:09

Sharing

Report Analysis Logs

General

Target

3540d1cb1d176cexeexe_JC.exe
Size

58KB
MD5

3540d1cb1d176cda6a9c5448b612aab6
SHA1

ff0347b4ce219038ba00088f6a1f9e6921456403
SHA256

08dabffac926db1c3843b169485a0c70d93aef07e482650d37ad23d04d2fa2e0
SHA512

e75614350113aed92c8dae3ef5782c8a8c01d775bd9ac6c958b7ba0f97c62400abc0ac66c7b588a4d43d167ec2a14046f5998524045c18085bdc9891492fe96d
SSDEEP

1536:vj+jsMQMOtEvwDpj5HyCyh7vtRJ4BqKb1kWWx:vCjsIOtEvwDpj5Hv0F

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\3540d1cb1d176cexeexe_JC.exe
"C:\Users\Admin\AppData\Local\Temp\3540d1cb1d176cexeexe_JC.exe"
1⤵
PID:4404
- C:\Users\Admin\AppData\Local\Temp\misid.exe
  "C:\Users\Admin\AppData\Local\Temp\misid.exe"
  2⤵
  PID:4536

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
58KB

MD5
910659afbd80cb07c251363fa07ef985

SHA1
36a7a31d0765e33eaed8017e2941606449e140f3

SHA256
518dcfce921e8a108b6b8ac44a18f97b212fe790ffede17bb7d4cd8e4d6e32f4

SHA512
ff1f2a01fc6e47fd1d650eda39ff2a7bc152e595fd5e0e109188e69db01f986d324d951a53e59f1fa5ee2e39fdc53542dd7407885e6efc5e4652a2eee103bbe9

Download Submit
C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
58KB

MD5
910659afbd80cb07c251363fa07ef985

SHA1
36a7a31d0765e33eaed8017e2941606449e140f3

SHA256
518dcfce921e8a108b6b8ac44a18f97b212fe790ffede17bb7d4cd8e4d6e32f4

SHA512
ff1f2a01fc6e47fd1d650eda39ff2a7bc152e595fd5e0e109188e69db01f986d324d951a53e59f1fa5ee2e39fdc53542dd7407885e6efc5e4652a2eee103bbe9

Download Submit
C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
58KB

MD5
910659afbd80cb07c251363fa07ef985

SHA1
36a7a31d0765e33eaed8017e2941606449e140f3

SHA256
518dcfce921e8a108b6b8ac44a18f97b212fe790ffede17bb7d4cd8e4d6e32f4

SHA512
ff1f2a01fc6e47fd1d650eda39ff2a7bc152e595fd5e0e109188e69db01f986d324d951a53e59f1fa5ee2e39fdc53542dd7407885e6efc5e4652a2eee103bbe9

Download Submit
memory/4404-133-0x00000000005E0000-0x00000000005E6000-memory.dmp

Filesize
24KB

Download
memory/4404-134-0x00000000005E0000-0x00000000005E6000-memory.dmp

Filesize
24KB

Download
memory/4404-135-0x0000000000600000-0x0000000000606000-memory.dmp

Filesize
24KB

Download