24bfba192d23c6a44ea75bb380be1bb04b1e9990fd81941f21a7a0c27596640c

Analysis

max time kernel
120s
max time network
164s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 22:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3f908ae6d8821aa04501f6d5e698a0b0.exe
Size

285KB
MD5

3f908ae6d8821aa04501f6d5e698a0b0
SHA1

a517b3e59a8652fbc93173d3ceabd41ce0b85e3b
SHA256

24bfba192d23c6a44ea75bb380be1bb04b1e9990fd81941f21a7a0c27596640c
SHA512

ed9d75384147344527e82053d7157dc3def4745a9333494de7fe3768173439fe003f728dba8934946c04818472061418d289ff815408ce81882c4885d03f1922
SSDEEP

6144:hT+rcN3OVThHZP6kZgSm6wEGDBEgqs60tB:hT+AQTh5CkZjm0sBETsPtB

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\Bidaily Synchronize Task[973b].job	3f908ae6d8821aa04501f6d5e698a0b0.exe

C:\Users\Admin\AppData\Local\Temp\3f908ae6d8821aa04501f6d5e698a0b0.exe
"C:\Users\Admin\AppData\Local\Temp\3f908ae6d8821aa04501f6d5e698a0b0.exe"
1⤵
- Drops file in Windows directory
PID:2884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2884-0-0x0000000000020000-0x0000000000040000-memory.dmp

Filesize
128KB

Download
memory/2884-1-0x0000000000160000-0x000000000018F000-memory.dmp

Filesize
188KB

Download
memory/2884-5-0x0000000000020000-0x0000000000040000-memory.dmp

Filesize
128KB

Download
memory/2884-12-0x0000000000020000-0x0000000000040000-memory.dmp

Filesize
128KB

Download