304b75ce8662fb2d813ca5999bb6e736669f758761c26813c58a5cc204a5c729 | Triage

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
15/10/2023, 19:41

Sharing

Report Analysis Logs

General

Target

924b51f577c2ef518cd7cf99da3673c0_exe32.exe
Size

4KB
MD5

924b51f577c2ef518cd7cf99da3673c0
SHA1

671dc19c1be7a629559f2248819752ce42629206
SHA256

304b75ce8662fb2d813ca5999bb6e736669f758761c26813c58a5cc204a5c729
SHA512

85300871dc7f0a01adefc44b9e8d97f8ff6e5bbc64d16769cabd73e8d48be11f3e595674994950eafff31cee6c60dd77742233ff5319b8c46f4b53b555c477af
SSDEEP

48:6oeHntXaF/8bWfdfSE3rv9FJXcV4MKe25GmvdwvqBHnOul6a3eqXSfbNtm:knBi2WfdfZ3rveVx9A2vk5MK+zNt

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\924b51f577c2ef518cd7cf99da3673c0_exe32.exe
"C:\Users\Admin\AppData\Local\Temp\924b51f577c2ef518cd7cf99da3673c0_exe32.exe"
1⤵
PID:1900

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1900-0-0x00000000013E0000-0x00000000013E8000-memory.dmp

Filesize
32KB

Download
memory/1900-2-0x000000001AF20000-0x000000001AFA0000-memory.dmp

Filesize
512KB

Download
memory/1900-1-0x000007FEF5C90000-0x000007FEF667C000-memory.dmp

Filesize
9.9MB

Download
memory/1900-3-0x000007FEF5C90000-0x000007FEF667C000-memory.dmp

Filesize
9.9MB

Download