Overview

overview

6

Static

static

3

2917996CBC...DC.exe

windows7-x64

6

2917996CBC...DC.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 20:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2917996CBCFDDF131682A0079BDECF56585CE5E763A2830B9DBCD59AE8B696DC.exe

  • Size

    949KB

  • MD5

    970b25a5d4b08da3326cae9ed1d3d6a0

  • SHA1

    8ba10febec796e351b4c4f07d31100b7598db2d0

  • SHA256

    2917996cbcfddf131682a0079bdecf56585ce5e763a2830b9dbcd59ae8b696dc

  • SHA512

    2269f35db0c06a27600d2f943b7d439876a32c7c94a8ed30ab42bd53d67af9e30f0e46f1018d90ad2fab2a4d90e5b279e0027df92bef1a00a5fd33eff366972f

  • SSDEEP

    12288:JHnmchMRsL9KpgyzvFxKVpBehwU3p35Dg:1nFMo9KphcVpBehw4g

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 22 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2917996CBCFDDF131682A0079BDECF56585CE5E763A2830B9DBCD59AE8B696DC.exe
    "C:\Users\Admin\AppData\Local\Temp\2917996CBCFDDF131682A0079BDECF56585CE5E763A2830B9DBCD59AE8B696DC.exe"
    1⤵
    • Enumerates connected drives
    • Checks processor information in registry
    PID:1288

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1288-0-0x0000000002350000-0x000000000244E000-memory.dmp

          Filesize

          1016KB

          Download

        • memory/1288-8-0x00000000000D0000-0x00000000000F9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/1288-9-0x0000000010000000-0x0000000010022000-memory.dmp

          Filesize

          136KB

          Download

        • memory/1288-15-0x0000000000B80000-0x0000000000C7B000-memory.dmp

          Filesize

          1004KB

          Download

        • memory/1288-16-0x00000000000D0000-0x00000000000F9000-memory.dmp

          Filesize

          164KB

          Download