Analysis

  • max time kernel
    118s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20231023-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    31/10/2023, 14:08

General

  • Target

    52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d.exe

  • Size

    426KB

  • MD5

    7f2dd700c862b18082f3bc059baa60f4

  • SHA1

    a290efe6f8515e3d74d994f65769007e6b963160

  • SHA256

    52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d

  • SHA512

    da2bf3dd3d5365f51464c2e51a295471b055a8bb20cf83c39cf5ed70461837219156389f858c5a662498de1036f951d0e46df5b71ebef6755f0290b99321fd9f

  • SSDEEP

    6144:LugEkIUgJJcDvipCclPqFqnDCkaBgEeAZVA1bDWyTczLIRMbNPDw9CjjvsCJF:LCJJJdpnhUvhVObDWDLIRMZKCjjvJF

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Program Files directory 12 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d.exe
    "C:\Users\Admin\AppData\Local\Temp\52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d.exe"
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2792

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • \Program Files (x86)\Advanced Port Scanner\Advanced Port Scanner.exe

          Filesize

          716KB

          MD5

          03ae3797440d31d37861f4d6de2d733a

          SHA1

          a56ff8b2399d43df8268cf943291fc7263c2f888

          SHA256

          c6b126fe7b70bdf24da0154701063af69856e1bdacbbf2dbca12c62c20228751

          SHA512

          a65355c79ee52936c45a64ad8d4f7966555da31a8d0cd39a6db4d5e60a320828c7d7bb5ccbf56d9fda9b8b6a2494d134bc6521cf03f1acde207e753709f9a7c7

        • \Program Files (x86)\Advanced Port Scanner\uninstal.exe

          Filesize

          20KB

          MD5

          b83429c6f8335b63dd316bb83edaff23

          SHA1

          e614b5ac3aadc5e83abfc22187b0bc80d47db736

          SHA256

          d671cb4cee92d70460138cf2a2ee3729a14081327abfff52e267915e5832c41b

          SHA512

          7b98b0f6da29818ed7d3e5a09fa613db0ff78c940bb96af84a52b09c8ec4329ebc46dd428847bf980c4ae67fe012d7dc3a9f0ecc6a532b0ecbd4aa86a80e4bea
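
The two Downloads entries above are the installer's payload (Advanced Port Scanner.exe and its uninstaller) written under Program Files (x86), so a match on those hashes identifies a deployment of that tool on a host, which is what this report documents. As an added example, not part of the sandbox report or of the Advanced Port Scanner project, the Python script below turns the listed hashes (the two dropped files plus the submitted sample) into a host sweep: it hashes every file under a directory once with all four algorithms the report gives and flags any file whose digests agree with a listed entry. A "partial" verdict, where some digests agree and others do not, cannot occur for an unmodified copy of the same bytes, so it is reported instead of being silently dropped. The digests are copied from the report; the entry names, the default target path and the constructed test input are assumptions for illustration.

```python
"""Sweep a directory for the files this report lists, by hash (added example, not report code)."""
import hashlib
import os
from pathlib import Path

# Digests copied verbatim from the report. Entry names are illustrative labels
# (the dropped paths are relative to %ProgramFiles(x86)%).
REPORT_IOCS = {
    "submitted sample (52c86fdd...a804a87d.exe)": {
        "md5": "7f2dd700c862b18082f3bc059baa60f4",
        "sha1": "a290efe6f8515e3d74d994f65769007e6b963160",
        "sha256": "52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d",
        "sha512": "da2bf3dd3d5365f51464c2e51a295471b055a8bb20cf83c39cf5ed70461837219156389f858c5a662498de1036f951d0e46df5b71ebef6755f0290b99321fd9f",
    },
    r"Advanced Port Scanner\Advanced Port Scanner.exe": {
        "md5": "03ae3797440d31d37861f4d6de2d733a",
        "sha1": "a56ff8b2399d43df8268cf943291fc7263c2f888",
        "sha256": "c6b126fe7b70bdf24da0154701063af69856e1bdacbbf2dbca12c62c20228751",
        "sha512": "a65355c79ee52936c45a64ad8d4f7966555da31a8d0cd39a6db4d5e60a320828c7d7bb5ccbf56d9fda9b8b6a2494d134bc6521cf03f1acde207e753709f9a7c7",
    },
    r"Advanced Port Scanner\uninstal.exe": {
        "md5": "b83429c6f8335b63dd316bb83edaff23",
        "sha1": "e614b5ac3aadc5e83abfc22187b0bc80d47db736",
        "sha256": "d671cb4cee92d70460138cf2a2ee3729a14081327abfff52e267915e5832c41b",
        "sha512": "7b98b0f6da29818ed7d3e5a09fa613db0ff78c940bb96af84a52b09c8ec4329ebc46dd428847bf980c4ae67fe012d7dc3a9f0ecc6a532b0ecbd4aa86a80e4bea",
    },
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def file_hashes(path, chunk_size=1 << 20):
    """Compute all four digests in a single streaming pass over the file."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def classify(digests, iocs):
    """Compare computed digests with each IoC entry.

    Returns [(ioc_name, verdict, mismatched_algorithms)]. "full": every digest the
    entry lists agrees. "partial": at least one agrees but another does not, which
    an unmodified copy of the same bytes can never produce, so it is surfaced for
    review (typo in the IoC table, truncated file, or something odder).
    """
    results = []
    for name, expected in iocs.items():
        listed = [alg for alg in ALGORITHMS if alg in expected]
        agree = [alg for alg in listed if expected[alg].lower() == digests[alg]]
        disagree = [alg for alg in listed if expected[alg].lower() != digests[alg]]
        if agree and not disagree:
            results.append((name, "full", []))
        elif agree:
            results.append((name, "partial", disagree))
    return results


def scan_directory(root, iocs=REPORT_IOCS):
    """Walk root; return [(path, ioc_name, verdict, mismatched_algs)] for every hit."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = Path(dirpath) / fname
            try:
                digests = file_hashes(path)
            except OSError:
                continue  # locked or unreadable file: skip it rather than abort the sweep
            for name, verdict, bad in classify(digests, iocs):
                hits.append((str(path), name, verdict, bad))
    return hits


if __name__ == "__main__":
    import sys
    # Default target is an assumption matching the drop location in the report.
    target = sys.argv[1] if len(sys.argv) > 1 else r"C:\Program Files (x86)\Advanced Port Scanner"
    for path, name, verdict, bad in scan_directory(target):
        extra = f"  (mismatch: {', '.join(bad)})" if bad else ""
        print(f"{verdict:7} {path}  ->  {name}{extra}")
```

Run it on a suspect host as `python sweep.py "C:\Program Files (x86)"` (or any mount of an acquired image); it prints nothing when no listed file is present. Hashing all four algorithms in one pass costs little extra over SHA-256 alone and lets the script cross-check entries that only carry an MD5 or SHA-1 from other sources.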