Overview

overview

6

Static

static

3

10dd9d8df0...48.exe

windows7-x64

6

10dd9d8df0...48.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    89s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-12-2023 08:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    10dd9d8df04d097d5700133143188d48.exe

  • Size

    75KB

  • MD5

    10dd9d8df04d097d5700133143188d48

  • SHA1

    7138b909af43556aa633cb3525eead2cc4e504f6

  • SHA256

    28a671a1fb0a9208aee1a3ed45579d468c6c56b39e24988b2a621ef15f105305

  • SHA512

    f55fcd1538220da17ff74ebb2b7ee2fc4599110b8f54a62b9b4db781895bb1770123c89da775e413ae6d182a402c9095ac6cd52c30d1fae068b1c05817251f0f

  • SSDEEP

    768:jZKM11gG4ChfiPO0rfz0shcUypMC5/VKhZyg3iw7hw:gMDgG4ChfiPOefgsOUqQwgA

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 4 IoCs
    persistence
  • Drops file in Windows directory 14 IoCs
  • Program crash 1 IoCs
  • Modifies registry class 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\10dd9d8df04d097d5700133143188d48.exe
    "C:\Users\Admin\AppData\Local\Temp\10dd9d8df04d097d5700133143188d48.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    • Modifies registry class
    PID:2404
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2404 -s 336
      2⤵
      • Program crash
      PID:4580
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2404 -ip 2404
    1⤵
      PID:4492

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Windows\System\Sysexp32.exe
      Filesize

      35KB

      MD5

      70697b7768b70f61268e7edaf2356a28

      SHA1

      e6bbe08f77117c76d5db6465647797e36e60cba9

      SHA256

      82e977caa113fea01982553dfd70995879d4ee6ea125fda1dc7086956c2c8880

      SHA512

      5748eb54e0a9fdea656b7799281f9599cb13a7770fc15d0fa7c7b874f1f84e8ed579d080c25594d219863fb0d090770919191085cdcd3bc09c1996d1fdb82e8e

      Download Submit