401870777b39b6ffbfd5ec96ae79470e9caf2d2b5526927100dd91e87b3228ee

Analysis

max time kernel
151s
max time network
155s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
11-08-2023 17:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

teracopy.exe
Size

8.8MB
MD5

a239dd732bbde581f4255fcda1c24503
SHA1

b44edeba1dac8727ef6f7185d1efd10bae6e76f2
SHA256

401870777b39b6ffbfd5ec96ae79470e9caf2d2b5526927100dd91e87b3228ee
SHA512

e4a62aa2b46bb84f971ac85f84d081bec0a082f4ebb611034c224535a6b6632a5434c7c2173380adb8a9d372404d3c84abcacbbe25fb10a388b07812f00dc159
SSDEEP

196608:6vGacofn0ob2Kzk2WZ5WKkOYeig7Tx0+ltec4/ou/y8uKrsTN2:6veof0oFznWXWKkOY7WO+DP4u8uKr

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\teracopy.exe
"C:\Users\Admin\AppData\Local\Temp\teracopy.exe"
1⤵
PID:2224

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize
252B

MD5
5e449606b6ff57197a8c0d001d232212

SHA1
118c00b9983ec6adac3b2ceada35865803de44f6

SHA256
758c5464d22fa0bd41a237f9e7fd7015d0d798f09c680c431c7080309cc040ec

SHA512
83291e257ed738251dee375e8b20411b6f4fdeaff7d8e5424189235136c5094e2f5b0e22b9dca8a2d2ab59e0af6d2bb90018452feaf0adcca40e17fa5e51fd0b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize
242B

MD5
1c5e9b393a9fb6ecc205b0ef176eecf7

SHA1
eb3fc932759a309fbd73740ea785d3b310ad658d

SHA256
7945c64e895c9e0d02132bfaa15a04a0938348200c42746838fcf6389a07ae73

SHA512
9e5f11f048ac2871ee2a0b4772ddfcc983564cd7a26871340c4766c84343e8e22f4a1c7f0d7949099cc7b903ef840dfe0fa2aee0cd818d312c5363b5a594d713

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab321.tmp
Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar546.tmp
Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
C:\Users\Admin\AppData\Local\Temp\updE736.tmp
Filesize
776B

MD5
b287933904414534e1dfad658366b005

SHA1
5e4272993bb4351a149db37f38320d2824bf55f5

SHA256
49cafb68b36b8129b3703a77a73aac3d86e06f9bd4725b24d3dd05b7cfea7f2a

SHA512
b9e589614c4d1d20935fa3537752dbcfc74a231fefb1ceab709dc6a9ffbe4745e5552ffaa522776649855553f7b12c070867dbf21df17be60c52782716222e0a

Download Submit
memory/2224-54-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download