Overview

overview

6

Static

static

3

21f32debcc...7e.exe

windows7-x64

6

21f32debcc...7e.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    167s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21f32debcc0dea70fbe2a6b5d0516b1922558c1a71f3bf994519a10bef0ae27e.exe

  • Size

    3.8MB

  • MD5

    80dc10588be6dc22c07002424594c62d

  • SHA1

    a85ea0f59b2b552258cfb54ae37acd0f71ee5275

  • SHA256

    21f32debcc0dea70fbe2a6b5d0516b1922558c1a71f3bf994519a10bef0ae27e

  • SHA512

    a910e439611029aee1bf7898bf3a391000673edab59a581f3670bab47d291ea8425ae8f10ca09e22d9e966875518f92a74c8c10b5e0318fbce853b20b840cce0

  • SSDEEP

    49152:jTA9++SsHPvHV8YTpFIChtcLphFcWgJ3sv54PONhx7jZd4AFmT:jyHlDGLaA

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 22 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\21f32debcc0dea70fbe2a6b5d0516b1922558c1a71f3bf994519a10bef0ae27e.exe
    "C:\Users\Admin\AppData\Local\Temp\21f32debcc0dea70fbe2a6b5d0516b1922558c1a71f3bf994519a10bef0ae27e.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1356-0-0x00000000032C0000-0x00000000032C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1356-1-0x00000000032F0000-0x0000000003371000-memory.dmp

    Filesize

    516KB

    Download

  • memory/1356-3-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-4-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-7-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-8-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-9-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-10-0x0000000003E90000-0x0000000003EC3000-memory.dmp

    Filesize

    204KB

    Download

  • memory/1356-12-0x0000000004010000-0x0000000004049000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1356-13-0x0000000004010000-0x0000000004049000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1356-14-0x0000000004010000-0x0000000004049000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1356-15-0x0000000004010000-0x0000000004049000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1356-16-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-17-0x0000000003380000-0x00000000033D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1356-18-0x0000000004010000-0x0000000004049000-memory.dmp

    Filesize

    228KB

    Download