fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c

Analysis

max time kernel
146s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
07/10/2023, 07:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c.exe
Size

5.6MB
MD5

5696368882ccba869fc9ca788cb58ab8
SHA1

01a8d5c5559a6e517de23376f3ef272b80692649
SHA256

fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c
SHA512

e70a5c394690ae0c0837fc6cc86196e14f0123d9c36c94baa39850474af633dba5565b919b03dbd500f83930bdeaf9a3e38398240e46964da546fb6b69f9e510
SSDEEP

98304:H2LV6eaSLm/cR94IXsYmVG0VqK4yXmJqyd2R4gcL9d6k8Zjs2EO:H2vaLcR9BXsYIGKqqXmkr4gcrQjs2EO

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c.exe

C:\Users\Admin\AppData\Local\Temp\fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c.exe
"C:\Users\Admin\AppData\Local\Temp\fa3946b1c73df7bdec90f4aabf603121b1651401f6389183837136c08e2d889c.exe"
1⤵
- Checks processor information in registry
PID:416

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx

Filesize
366B

MD5
ccfb19e7be8bef78c5765c97e035969a

SHA1
c977505b2356f1ece425643502401a5af9fa5833

SHA256
46f5ea7f33cff2ba50922af808caa4b02b6b7a27a9fc4af83af549d41371071d

SHA512
55c3ab431f44485c1ab7ccf1387deab96db0968c4173b68aaa4c9341e98b245516a5ac60340f1992c5093ce97ba8bab8dc92d5ab993b602247e07214a754360f

Download Submit
memory/416-0-0x0000000003930000-0x0000000003931000-memory.dmp

Filesize
4KB

Download
memory/416-62-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-63-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-64-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-65-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-66-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-67-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-68-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-70-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-71-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-72-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-69-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-73-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-74-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-75-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-76-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-77-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-78-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-79-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-80-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-81-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-82-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-83-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-84-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-85-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-86-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-87-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-88-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-89-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-91-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-90-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-92-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-93-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-94-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-95-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-96-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-97-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-98-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-99-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-100-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-101-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-102-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-103-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-104-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-105-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-106-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-107-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-108-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-109-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-110-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-111-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-112-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-113-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-114-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-115-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-116-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-117-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-118-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-119-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-120-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-121-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-122-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-123-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-124-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download
memory/416-125-0x0000000005190000-0x0000000005390000-memory.dmp

Filesize
2.0MB

Download