Overview

overview

6

Static

static

1

0856d67983...de.exe

windows7-x64

6

0856d67983...de.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    151s
  • max time network
    189s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-12-2023 05:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0856d679830b60b12b5f5359b0e824de.exe

  • Size

    257KB

  • MD5

    0856d679830b60b12b5f5359b0e824de

  • SHA1

    9f913a500ce7717f8ea821e552d535923b950e27

  • SHA256

    16741e00004890e768058acbf8574bb291cd3fb2cf83e1576b5161856696c232

  • SHA512

    595e6d43a426c2c7c6318ed772f5dddcdaa151a2ce57bed0158afc84d86fd3ebf01fad1fe9a52d87637c6e7ae4201a614e4e2ef211aa14b3ca5fbecee7cba373

  • SSDEEP

    3072:I3tpk0dCvZITe4/dkqAZE3Zsd3qTGhMuIj2h+tgz1tRpkNphVGXCPfTpIepEdTMP:ak084erJY6ayhTz+Czsh9TpIepEdTO

Score
6/10

Malware Config

Signatures

  • Maps connected drives based on registry 3 TTPs 2 IoCs

    Disk information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0856d679830b60b12b5f5359b0e824de.exe
    "C:\Users\Admin\AppData\Local\Temp\0856d679830b60b12b5f5359b0e824de.exe"
    1⤵
    • Maps connected drives based on registry
    • Drops file in Windows directory
    PID:4776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4776-2-0x00000000014F0000-0x00000000014F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4776-0-0x0000000000DF0000-0x0000000000DF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4776-1-0x00000000013E0000-0x00000000013E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4776-3-0x0000000001500000-0x0000000001501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4776-4-0x0000000001E10000-0x0000000001E39000-memory.dmp

    Filesize

    164KB

    Download

  • memory/4776-5-0x00000000026F0000-0x000000000271F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/4776-9-0x0000000001E10000-0x0000000001E39000-memory.dmp

    Filesize

    164KB

    Download

  • memory/4776-12-0x0000000002760000-0x0000000002787000-memory.dmp

    Filesize

    156KB

    Download

  • memory/4776-16-0x0000000001E10000-0x0000000001E39000-memory.dmp

    Filesize

    164KB

    Download

  • memory/4776-18-0x0000000001E10000-0x0000000001E39000-memory.dmp

    Filesize

    164KB

    Download

  • memory/4776-25-0x0000000001E10000-0x0000000001E39000-memory.dmp

    Filesize

    164KB

    Download