11693e8fc3b22390c555e707dce80711403976c8a30d88ae6c97ec7153ff1ce0

Analysis

max time kernel
122s
max time network
136s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 21:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d6c083c222764aa6a5886cff311421d.exe
Size

287KB
MD5

3d6c083c222764aa6a5886cff311421d
SHA1

1968e8080e840f219b59550f891abcef83d43d49
SHA256

11693e8fc3b22390c555e707dce80711403976c8a30d88ae6c97ec7153ff1ce0
SHA512

5c53bdef5070c421802b43e104d54cd0230e232ad8687681433603500cad36b665ae0ece868a27e7ab694890525c738c4940cfefb6c4ddf8448f4bc1f2a04a23
SSDEEP

3072:smwXIzKLkxJURl7f4CsnxrhhHbY7SQZ3/cySdUj4tgm90edzS69UsLo2nTZ:44Kk/c5fqxrsSQZNITtgmj/UoFnTZ

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\SpeakChic.job	3d6c083c222764aa6a5886cff311421d.exe

C:\Users\Admin\AppData\Local\Temp\3d6c083c222764aa6a5886cff311421d.exe
"C:\Users\Admin\AppData\Local\Temp\3d6c083c222764aa6a5886cff311421d.exe"
1⤵
- Drops file in Windows directory
PID:2316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2316-1-0x0000000001410000-0x0000000001450000-memory.dmp

Filesize
256KB

Download
memory/2316-2-0x0000000000080000-0x00000000000AF000-memory.dmp

Filesize
188KB

Download