Analysis
max time kernel: 142s
max time network: 147s
platform: windows10-2004_x64
resource: win10v2004-20230831-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230831-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04-09-2023 02:38
Static task: static1
Behavioral task: behavioral1
  Sample: 140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  Resource: win10v2004-20230831-en
General
Target: 140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
Size: 14.9MB
MD5: d40c752be4be6f6f39f98c722003e300
SHA1: 8e173fb3f24d9ac088e8132c4a206cbdb6bce17a
SHA256: 140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab
SHA512: 6932ab4ac2176fca3b273bab977c2a12740043d32d1d58de6cd68d323fa9427f385c99dcb4a3310fb55666bc68f00e3d35646034bd2811e3ad347d1ac6778c24
SSDEEP: 393216:r9ZmNHw+UksicTaVZ+9S435/VXDmwsWwZk:IxsicG+9S4/CwIZk
Malware Config
Signatures
Loads dropped DLL (5 IoCs)
  pid   Process
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe

Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).

Suspicious behavior: EnumeratesProcesses (4 IoCs)
  pid   Process
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
  4636  140c89b38ac50f29b541457ba85bb770a83564af0d1b00002f4d275eaa1323ab.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 5KB
MD5: b49d6564c3897f96e2750aae764f7b47
SHA1: d4d5a4c7ddb8fb17496206364bfd84d0db69d28f
SHA256: 31b5a8dc9026d871db07ecfb542869db1fd8ade38c6424dfe32edfe6c13473ff
SHA512: cdfbd8826ed88af3beeb60b6fb850382b700bd7f908c0947fa14719173efadd227f908aa160263d6cf028db1c26a47ff1673b106281b82b77712e6f919553396

Filesize: 12KB
MD5: 8ebaa07760345c92c19db6662c2dfb7d
SHA1: 25f981b561bbf267c35c8a4d761fb90209913bb7
SHA256: 82d6235ad68a124bb1ce7bd9575011e089ffa9e0634c88b46c0d9a32834e459f
SHA512: 31e9e0927b000a7512091dce7ea6b6ea1f813de89aead95dfa97086733ed9a6d2093a029a0a3323aa47a64a79a1edc762099e66070c7f9939e681eb072a781e3

Filesize: 9KB
MD5: 55e14a574a8a4fc26cb19ba400d69cd0
SHA1: b729aa39c49c53637c0b298b16d2a65e5939a450
SHA256: d8f580613c63daa9a2bea73c508a147bd36e9d77c5ed6f1e5dd12d07fa302484
SHA512: dc8cba045d913975822d6303137011ec5b345538604da99dc1d86751df468c5fb32d1baa000d34d29a089c334c56131a24b51c469670505be2462e6eb6a41e7a

Filesize: 5KB (this entry is listed three times in the report)
MD5: 1893074522a853f68805a1b99a6ed91b
SHA1: cf0ddafeb6f3b5ef496ba03d2d170fbd796aecea
SHA256: cd85f428b4eac6c766b95491cc44959d47d3ba578f37cf402a8d5d5d8e2a00c3
SHA512: 7779b3b64d9cc16b576bf3a3513b43620efdd72351e451c7a70c5c0728592300b6adfc24d6efbc4f3107834a14b9de424e1478d9d69b22bbbaea9d53ec3d6f43