Analysis

  • max time kernel
    93s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/12/2023, 02:58

General

  • Target

    01617377dcd2e6426a4ac21698c0b14d.exe

  • Size

    321KB

  • MD5

    01617377dcd2e6426a4ac21698c0b14d

  • SHA1

    571bd541951d38d4fe1dfcac26b893d0d79a2acc

  • SHA256

    122fe00d38b7a2ec80890dab9b814c0a8a7575591439482a08961608baa99798

  • SHA512

    e2cf550259650e311fc690164e4f7c88ce788a09f5af54e5052cebfdb57ceef5abe14bb079521ffbdbc8f4d030aa4d26a755fab4d3ddde3b839cc8e8e87403ac

  • SSDEEP

    6144:PJXIUBz8BDSj/oka16wL6cI9syD+OaanJAfsC55p0WxB0:dTBz0DSj/okaZL6cI9syaOjJAfb5pjB0

Score
6/10

Malware Config

Signatures

  • Maps connected drives based on registry (3 TTPs, 2 IoCs)

    Disk information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\01617377dcd2e6426a4ac21698c0b14d.exe
    "C:\Users\Admin\AppData\Local\Temp\01617377dcd2e6426a4ac21698c0b14d.exe"
    • Maps connected drives based on registry
    • Drops file in Windows directory
    PID:3304

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/3304-0-0x0000000000900000-0x0000000000A00000-memory.dmp

          Filesize

          1024KB

        • memory/3304-2-0x0000000004280000-0x00000000042AF000-memory.dmp

          Filesize

          188KB

        • memory/3304-9-0x00000000046D0000-0x00000000046F7000-memory.dmp

          Filesize

          156KB