f85de77398b0a0e1aecb95b243ee1fea8a95a0e2dcffea5ce1e96564f56e734a

Analysis

max time kernel
148s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 00:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1d717a02e843ccc2a425c0fbe356daf8.exe
Size

322KB
MD5

1d717a02e843ccc2a425c0fbe356daf8
SHA1

93d625bd40e9b3b1e1c0c7a7cbc41e58d84bf6b3
SHA256

f85de77398b0a0e1aecb95b243ee1fea8a95a0e2dcffea5ce1e96564f56e734a
SHA512

8865e812d288cafca15edc1eb1a8df76039e43f54a343ebb717e67ba5435a06aba6abfbf330b76468ef8fd681e9f6e4a83c129306a75ccd8ba894937747b7fa6
SSDEEP

6144:GsqwIsNU1nQ34ZX/RiWar4/YxfhzK66FNqu7nlhpIF78ovpA:0wI2ynQ3c0Nr4QphZsz7nHpIFQkpA

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 8 IoCs

pid	Process
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe
452	1d717a02e843ccc2a425c0fbe356daf8.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\1d717a02e843ccc2a425c0fbe356daf8.exe
"C:\Users\Admin\AppData\Local\Temp\1d717a02e843ccc2a425c0fbe356daf8.exe"
1⤵
- Loads dropped DLL
PID:452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\AdvSplash.dll

Filesize
6KB

MD5
a1bba35c752b36f575350cb7ddf238e4

SHA1
9603b691ae71d4fbc7a14dbb837bd97cecac8aab

SHA256
0667863d71a3021ab844069b6dd0485f874bf638af478ab11c6fb8b7d6c834b6

SHA512
eb5d3498dd994bec42a437cf91343665d3c35bfe3f6277a7393af6a0b8348772c3166d9be48955edddf6ef79fa508ec8d4f96d7d5df37ecdc52c90042e0a2967

Download Submit
C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\InstallOptions.dll

Filesize
14KB

MD5
0dc0cc7a6d9db685bf05a7e5f3ea4781

SHA1
5d8b6268eeec9d8d904bc9d988a4b588b392213f

SHA256
8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

SHA512
814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\System.dll

Filesize
11KB

MD5
00a0194c20ee912257df53bfe258ee4a

SHA1
d7b4e319bc5119024690dc8230b9cc919b1b86b2

SHA256
dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

SHA512
3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

Download Submit
C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\UAC.dll

Filesize
17KB

MD5
88ad3fd90fc52ac3ee0441a38400a384

SHA1
08bc9e1f5951b54126b5c3c769e3eaed42f3d10b

SHA256
e58884695378cf02715373928bb8ade270baf03144369463f505c3b3808cbc42

SHA512
359496f571e6fa2ec4c5ab5bd1d35d1330586f624228713ae55c65a69e07d8623022ef54337c22c3aab558a9b74d9977c8436f5fea4194899d9ef3ffd74e7dbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\ioSpecial.ini

Filesize
1KB

MD5
49d00e4ea0771846a6cc92970ec77df8

SHA1
4abc3bccc36a5419e873b7fd1d8986c096d2176a

SHA256
edeb5bf2d8110eed30f1b75a8f7f6f36fcc5e85a0c34619cd276d4a2d061420c

SHA512
09c447dff52a6159ccf483aeb61ed40dd89cbe63a09cb813f49d8c69ec70dd5e1fee2b3267bbeae472d437d6c916692a72922879de9694d59e366bf84f1db544

Download Submit
C:\Users\Admin\AppData\Local\Temp\nst4335.tmp\ioSpecial.ini

Filesize
1KB

MD5
6f23f78940b87302838eec4f8b5fadc5

SHA1
8e5fd72612aa0710132e29d315a66e0443121328

SHA256
024a214249595bfe15ea1007f7470c9a144c4f973a6ab503e5aa16bc2ede9d2d

SHA512
1865190a9dc45b3f549dbe2d0144da1603ac4399635299df1fb6e79dbc6fa07843c08d3bf494c6dc02950df3715549116eabc71db0cbebc441d468e4a43546ad

Download Submit