Analysis
max time kernel: 117s
max time network: 123s
platform: windows7_x64
resource: win7-20231025-es
resource tags: arch:x64, arch:x86, image:win7-20231025-es, locale:es-es, os:windows7-x64, system, windows
submitted: 01/11/2023, 09:29
Static task: static1
signatures: 1

Behavioral task: behavioral1
Sample: dump3.exe
Resource: win7-20231025-es
signatures: 2
duration: 300 seconds

Behavioral task: behavioral2
Sample: dump3.exe
Resource: win10v2004-20231023-es
signatures: 10
duration: 300 seconds
General
Target: dump3.exe
Size: 1.8MB
MD5: a18244784b8a9884e0906fabfd542d74
SHA1: 3ef2cb9e07e21a55dfcbebd1f9f6cf641519b008
SHA256: 07fc7072ab64146e0b7a09c7b2b116bc00ddd20c06bc28854406c86172cfc6f4
SHA512: c7a2617e607c7420039215bd9c3603dd8d9c144261204413e711a875900ebc28a808d90d8621f59519688702326e7a8238042c72c5c3215836deb498b7a979f0
SSDEEP: 24576:SpLDZM8SQSQrm3cSowFe+2UN5fiskCeonWY48A+7CTfIQs3R2clwmBv/XTInYgse:0Vq+KccetUjICAtQ3wct6k+X6/O
Score: 1/10
Malware Config
Signatures
Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
description | ioc | process
Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | dump3.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | dump3.exe

Enumerates system info in registry (2 TTPs, 4 IoCs)
description | ioc | process
Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | dump3.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | dump3.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | dump3.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | dump3.exe