Analysis

  • max time kernel
    144s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-12-2023 12:53

General

  • Target

    29c14db2b9dab16788707bca13341a48.exe

  • Size

    80KB

  • MD5

    29c14db2b9dab16788707bca13341a48

  • SHA1

    bd742f5dca9a4cb85022be52ae5c5b06c68922b3

  • SHA256

    cc81a1d881e8f958dd702cb9540831f74dd22a9e47045c6d6646b5c78e7f5676

  • SHA512

    acb36c3d3dd6b1b3905e4b1c2bf4ce34ef76b60b890d4ce74deabcf6bfa71eb9557dc5bd41585882bf3c14f44c56575708b485559827615fd22ecc72db3d1e35

  • SSDEEP

    1536:tuzIzaI4YrJ6vUxA1uAC18yHio/1D/Qml5OjmU717jMUE4mI:gvUxA1uAC1lH1D55ImU5j

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\29c14db2b9dab16788707bca13341a48.exe
    "C:\Users\Admin\AppData\Local\Temp\29c14db2b9dab16788707bca13341a48.exe"
    1⤵
      PID:2084

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Credential Access

    Unsecured Credentials

    1
    T1552

    Credentials In Files

    1
    T1552.001

    Collection

    Data from Local System

    1
    T1005

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2084-0-0x00000000006A0000-0x00000000006BA000-memory.dmp
      Filesize

      104KB

    • memory/2084-1-0x00007FFCC8750000-0x00007FFCC9211000-memory.dmp
      Filesize

      10.8MB

    • memory/2084-5-0x00007FFCC8750000-0x00007FFCC9211000-memory.dmp
      Filesize

      10.8MB