bc865a41c96011fd0504772025dabe61c3fb7914cd4308ac6e0ebe38528f3fa5 | Triage

Analysis

max time kernel
1s
max time network
7s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17-07-2023 13:02

Sharing

Report Analysis Logs

General

Target

85b2f636ea52f7_JC.exe
Size

38KB
MD5

85b2f636ea52f78759653b077fd9e83e
SHA1

383de94ddadb22e206dbddd37119f3d2f8376aca
SHA256

bc865a41c96011fd0504772025dabe61c3fb7914cd4308ac6e0ebe38528f3fa5
SHA512

ec70b28d4cfb81ab415c08d53493a36c3518a0e75364cdf316ae52d2368a7b3ae524e60afd4268fed2a77d8d9d7fb708e5d2b583757a5dbbbb742c20e9781438
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaaUfmZlQyEgDrBe:X6QFElP6n+gJQMOtEvwDpjBkfmbQyEgU

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\85b2f636ea52f7_JC.exe
"C:\Users\Admin\AppData\Local\Temp\85b2f636ea52f7_JC.exe"
1⤵
PID:4328
- C:\Users\Admin\AppData\Local\Temp\asih.exe
  "C:\Users\Admin\AppData\Local\Temp\asih.exe"
  2⤵
  PID:216

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
39KB

MD5
3826e89e3f778b3e6c96b78cac050fd2

SHA1
bdb1ff955b52498af5cb765cc234171bebcc1380

SHA256
015da3d7ed62087814a6bfb1f5c3415e9fa99c4a4e1fc25db399cac4bae65b21

SHA512
57c4097e9e24e43eb65326af6e5de27def0742aff2ab7e6d806df216595d3083108842c2f258585e94870a800a22498ab50926e0ec6f9e23201a82e90d1da96a

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
39KB

MD5
3826e89e3f778b3e6c96b78cac050fd2

SHA1
bdb1ff955b52498af5cb765cc234171bebcc1380

SHA256
015da3d7ed62087814a6bfb1f5c3415e9fa99c4a4e1fc25db399cac4bae65b21

SHA512
57c4097e9e24e43eb65326af6e5de27def0742aff2ab7e6d806df216595d3083108842c2f258585e94870a800a22498ab50926e0ec6f9e23201a82e90d1da96a

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
39KB

MD5
3826e89e3f778b3e6c96b78cac050fd2

SHA1
bdb1ff955b52498af5cb765cc234171bebcc1380

SHA256
015da3d7ed62087814a6bfb1f5c3415e9fa99c4a4e1fc25db399cac4bae65b21

SHA512
57c4097e9e24e43eb65326af6e5de27def0742aff2ab7e6d806df216595d3083108842c2f258585e94870a800a22498ab50926e0ec6f9e23201a82e90d1da96a

Download Submit
memory/4328-133-0x0000000000570000-0x0000000000576000-memory.dmp

Filesize
24KB

Download
memory/4328-134-0x0000000000570000-0x0000000000576000-memory.dmp

Filesize
24KB

Download
memory/4328-135-0x0000000002070000-0x0000000002076000-memory.dmp

Filesize
24KB

Download