292fcfd858695f995f78877bac272962fb19ae1ce1e7b4b90882320ba2b23aa9

Analysis

max time kernel
129s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-12-2023 01:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

292fcfd858695f995f78877bac272962fb19ae1ce1e7b4b90882320ba2b23aa9.exe
Size

133.0MB
MD5

002d8d7d2c919911f99b334bb61c6ba5
SHA1

256a1923bbfced228075f512b61ee51b8d057c8f
SHA256

292fcfd858695f995f78877bac272962fb19ae1ce1e7b4b90882320ba2b23aa9
SHA512

79e9d4aed2c7326668bedc5ff4c8531cb82a3f1479312d9efb2541bce1adc65c4398754363ca3f8decf54398325273bc456b381d5fc8f53cd5a156a6aed27b49
SSDEEP

786432:VWXgFvYWzNQXBVBEEIVeHDWIBV0aMoSctbw17p2NsBHae7XRYBix72TtLwSTRpfx:VWavYvKeh0ew19S8ae7XRuiRAhd

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

C:\Users\Admin\AppData\Local\Temp\292fcfd858695f995f78877bac272962fb19ae1ce1e7b4b90882320ba2b23aa9.exe
"C:\Users\Admin\AppData\Local\Temp\292fcfd858695f995f78877bac272962fb19ae1ce1e7b4b90882320ba2b23aa9.exe"
1⤵
PID:4380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4380-0-0x0000000007300000-0x0000000007C89000-memory.dmp

Filesize
9.5MB

Download
memory/4380-3-0x0000000007300000-0x0000000007C89000-memory.dmp

Filesize
9.5MB

Download
memory/4380-5-0x00000000006A0000-0x0000000000F08000-memory.dmp

Filesize
8.4MB

Download
memory/4380-4-0x0000000008890000-0x0000000009479000-memory.dmp

Filesize
11.9MB

Download
memory/4380-8-0x0000000008890000-0x0000000009479000-memory.dmp

Filesize
11.9MB

Download
memory/4380-9-0x0000000000400000-0x0000000000411000-memory.dmp

Filesize
68KB

Download
memory/4380-12-0x0000000006EC0000-0x0000000006F74000-memory.dmp

Filesize
720KB

Download
memory/4380-15-0x0000000006EC0000-0x0000000006F74000-memory.dmp

Filesize
720KB

Download
memory/4380-16-0x0000000006C20000-0x0000000006C2C000-memory.dmp

Filesize
48KB

Download
memory/4380-19-0x0000000006C20000-0x0000000006C2C000-memory.dmp

Filesize
48KB

Download
memory/4380-20-0x0000000006C00000-0x0000000006C1F000-memory.dmp

Filesize
124KB

Download
memory/4380-23-0x0000000006C00000-0x0000000006C1F000-memory.dmp

Filesize
124KB

Download
memory/4380-24-0x0000000006C50000-0x0000000006C65000-memory.dmp

Filesize
84KB

Download
memory/4380-27-0x0000000006C50000-0x0000000006C65000-memory.dmp

Filesize
84KB

Download
memory/4380-28-0x0000000006CB0000-0x0000000006CD4000-memory.dmp

Filesize
144KB

Download
memory/4380-31-0x0000000006CB0000-0x0000000006CD4000-memory.dmp

Filesize
144KB

Download
memory/4380-32-0x0000000006CA0000-0x0000000006CA9000-memory.dmp

Filesize
36KB

Download
memory/4380-35-0x0000000006CA0000-0x0000000006CA9000-memory.dmp

Filesize
36KB

Download
memory/4380-36-0x0000000006CE0000-0x0000000006CF2000-memory.dmp

Filesize
72KB

Download
memory/4380-39-0x0000000006CE0000-0x0000000006CF2000-memory.dmp

Filesize
72KB

Download
memory/4380-43-0x0000000006D20000-0x0000000006D3D000-memory.dmp

Filesize
116KB

Download
memory/4380-46-0x0000000006D20000-0x0000000006D3D000-memory.dmp

Filesize
116KB

Download
memory/4380-47-0x0000000006E40000-0x0000000006E7A000-memory.dmp

Filesize
232KB

Download
memory/4380-50-0x0000000006E40000-0x0000000006E7A000-memory.dmp

Filesize
232KB

Download
memory/4380-51-0x0000000007170000-0x0000000007259000-memory.dmp

Filesize
932KB

Download
memory/4380-54-0x0000000007170000-0x0000000007259000-memory.dmp

Filesize
932KB

Download
memory/4380-55-0x0000000006E20000-0x0000000006E26000-memory.dmp

Filesize
24KB

Download
memory/4380-58-0x0000000006E20000-0x0000000006E26000-memory.dmp

Filesize
24KB

Download
memory/4380-59-0x00000000097B0000-0x00000000097D8000-memory.dmp

Filesize
160KB

Download
memory/4380-62-0x00000000097B0000-0x00000000097D8000-memory.dmp

Filesize
160KB

Download
memory/4380-63-0x00000000099B0000-0x00000000099EC000-memory.dmp

Filesize
240KB

Download
memory/4380-66-0x00000000099B0000-0x00000000099EC000-memory.dmp

Filesize
240KB

Download
memory/4380-67-0x0000000007F00000-0x0000000007F13000-memory.dmp

Filesize
76KB

Download
memory/4380-147-0x00000000006A0000-0x0000000000F08000-memory.dmp

Filesize
8.4MB

Download