0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d

Analysis

max time kernel
147s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
13/10/2023, 21:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe
Size

13.8MB
MD5

2a877ccc51272ff18b751450027f36cf
SHA1

eac4f5852e4d3523afa6af16aefd51adfb56878a
SHA256

0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d
SHA512

c1fc819e505ae0930b76746d632abc1c192149d86bb9d9adc518f752f41aee8d9366b3a52e73182a74295b56ba0d931cc1c52ce04c095fdab1bc8728dcd686ab
SSDEEP

393216:Q1S8H5j2CEDilv1EcDnFkAPGqxrEgiYj8Tn0bo07o3fB6:N8H5p7dLTDr3yLXJ6

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2336	0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe
2336	0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe
2336	0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe
2336	0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe

C:\Users\Admin\AppData\Local\Temp\0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe
"C:\Users\Admin\AppData\Local\Temp\0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\0cdf43ed9d8076d79df59fcc81c92230bc3b067cb8e86d7105e599dc4fdccb8d.exepack.tmp

Filesize
2KB

MD5
d2298d1a5d94a376ddf19a44bb60bb10

SHA1
2076110ecb93c6528071e592e130a6bf28c36d6a

SHA256
bdcc171155e731261f168f75ec1e52e07cd6d9d66f1871a271da89524c1034f7

SHA512
84805045778b0acb026a58ee70c7d8508864cbc34eba84d330361cfa9520547c297830097ca4d53621c8101e2afde948301ec6bb09298c6b964935eac1810044

Download Submit
C:\Users\Admin\AppData\Local\Temp\a79f310ae0cdb12b41aa64a04d9034f0.ini

Filesize
1KB

MD5
fb920727b9ae5e9d5dd287e2c6df1ef2

SHA1
dac175d3276f0a72bffa9f107a7c8bd2ee1b675c

SHA256
65574b3f5cf716cc93c16264cfa949e582c92ba8b27687c6b10fc9baef3697c8

SHA512
91c306370f9912d36a266a9a4b782327cda49f231ae16adadea5a4a14af91a45d28ab9bb8ef806ebf2e0de7e51d200f1fd6a260f54c2e07e095cfbb8a07788e0

Download Submit
C:\Users\Admin\AppData\Local\Temp\a79f310ae0cdb12b41aa64a04d9034f0A.ini

Filesize
1KB

MD5
d507bd39b77bceb870e1608068963763

SHA1
7b22f8146d737c209b617007f8568291c8527fb8

SHA256
9790cac03d2e7d06560663943e127d3a579fcf569664616f7fa2496b7074ceb5

SHA512
6ba52a9d21a9c0711d7bd2f7b8621a26859b7101e5a2847340d7e58e0c9eec0149d2f883d41d6002aa01bfc9470ef52f2fdd0c1d22abfac750ddad66d559c6d8

Download Submit
memory/2336-5-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download
memory/2336-6-0x0000000050000000-0x0000000050109000-memory.dmp

Filesize
1.0MB

Download
memory/2336-7-0x0000000002480000-0x0000000002483000-memory.dmp

Filesize
12KB

Download
memory/2336-0-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download
memory/2336-2-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download
memory/2336-1-0x0000000002480000-0x0000000002483000-memory.dmp

Filesize
12KB

Download
memory/2336-320-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download
memory/2336-339-0x0000000050000000-0x0000000050109000-memory.dmp

Filesize
1.0MB

Download
memory/2336-340-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download
memory/2336-344-0x0000000000400000-0x0000000001EAF000-memory.dmp

Filesize
26.7MB

Download