1253d6e28d6586c62c6885b0de417de84ae374ce91fca40dd817fed53fc3983c

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 16:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ee73eec87180b36919d773df5666628.exe
Size

3.2MB
MD5

2ee73eec87180b36919d773df5666628
SHA1

710eb24f2240dd0aa4552fbef437a3af52f641ff
SHA256

1253d6e28d6586c62c6885b0de417de84ae374ce91fca40dd817fed53fc3983c
SHA512

3e81ab94643feff0f9f81fbed9a9c366f8e7ddeb8e97d609709d9208adfdbf7fb4770ee99d858ab8107aef7fc96de2e19481331faa26b96e4c337a3da0de801f
SSDEEP

49152:zDORRY80Oi2wLgo5Ny5OnwUJ2owBD+A8+pnQ2hO1KV2/E94J9CtzcqlbpLA:zDwY80hNSOwUJDpAZpnv2KVyJbqllLA

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 5 IoCs

pid	Process
3824	2ee73eec87180b36919d773df5666628.exe
3824	2ee73eec87180b36919d773df5666628.exe
3824	2ee73eec87180b36919d773df5666628.exe
3824	2ee73eec87180b36919d773df5666628.exe
3824	2ee73eec87180b36919d773df5666628.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\2ee73eec87180b36919d773df5666628.exe
"C:\Users\Admin\AppData\Local\Temp\2ee73eec87180b36919d773df5666628.exe"
1⤵
- Loads dropped DLL
PID:3824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Free_Lunch_Design_TB\nsn4D58.tbFree.dll

Filesize
92KB

MD5
d4c613c07cab9fd9fde78b89b1e103c9

SHA1
96397825c569fbe88614b66ed4e1181a6ac999cb

SHA256
cd8b56aff7e0f718c7ad4073e820011215b50ed69b9071402cdf1e2edeb73bd6

SHA512
f3897381e55b32c52d6f56fe4b5451f7a8268e8d7cf6124ffc00b376f103b84cda0193b9e289a05b01e83a957f7824121fd62b29c7a7159b14fcfe2da87890b5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Free_Lunch_Design_TB\nsn4D58.tbFree.dll

Filesize
115KB

MD5
eaa93cede573e02639e991939b6defb3

SHA1
a64334a14f4b1504bcd4d078cbb3437c430f0265

SHA256
9487c0e461822e36178f637fd43e996fd0b3980d2fbd79f64deef513a8dec871

SHA512
f1577b368bf9e4bf6ad20fb6ac4a0ff6eabde05f8d096e439429da9b0967b040b5d23be271166edacec41c86e2bda323df01d0eb7a1984b4a2aca0d780f00132

Download Submit
C:\Users\Admin\AppData\Local\Temp\Free_Lunch_Design_TB\nsn4D58.tbFree.dll

Filesize
81KB

MD5
eb02cf8f0da37d9205995b1b08d7e1aa

SHA1
7956d52648c6692398a059587c6accbc7f0a6656

SHA256
7b65d7e19f06b3cdd982e695501575e33046edb817be1c3c1bd49dd3491a9239

SHA512
aa1243c5f6be5be5cbc6ad2348fea65c3a5166e3c31a910943ef3374d5f09caa94a486f9e1ad2a7a1df417d34fd27b97d896903e09746cde41e400d47db9ec3d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsm4C1E.tmp\System.dll

Filesize
11KB

MD5
959ea64598b9a3e494c00e8fa793be7e

SHA1
40f284a3b92c2f04b1038def79579d4b3d066ee0

SHA256
03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b

SHA512
5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsm4C1E.tmp\nsIEUtils.dll

Filesize
90KB

MD5
5023311d9692df624bf260ced64cf3ad

SHA1
d3644ab665ac8282c7bd6a0c21baf1f457232c1b

SHA256
3458d7e5623c552423b2f6375e7a8535151b8ae7b0197cee5654d54cb019f01f

SHA512
97a0fefdd56c1e76397f7b78ca0fff19ac2c9e1bcbfe1762723794ddd052022ebd1562273d3acd123e62a746f3b5de8fc7246b461de2aace49ac174087f7391f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsm4C1E.tmp\nsIEUtils.dll

Filesize
71KB

MD5
3224f81de35f4623bb3e9b93bead64ba

SHA1
a9b5703a08e2f0ae7fb65e96d4686b90cb5692d7

SHA256
f024d0586ddd4da828c80f5363c0d318cd0beaa329878a71d034ffaa1123705a

SHA512
f3a5b38ba05ddc35775795aebc4ec118f3b5992c9fc8b2bd30e95ce6ec28548354a0df31dfb013d8d591beee4460f31b84acdf631e15aaee169914f05e65fc2b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsm4C1E.tmp\nsIEUtils.dll

Filesize
62KB

MD5
fa5f116c6c5d3250769f2ef0cc1d4e90

SHA1
aca9933eb7302d0e81c0335d613db2cf4b08ce50

SHA256
57ff5b1d285c50c492620065980718f0c6d94f149886f2c114d0f9a32cc9f999

SHA512
a9a65bad9651fc66ffae4b30cd5e3b9ddf3ae610e9670bc81fd36b454183f23224c6132db81c6ffca92159f9e8c3ab74cdaca6d75707733f271d39dbd468eab6

Download Submit
memory/3824-29-0x0000000003510000-0x0000000003A31000-memory.dmp

Filesize
5.1MB

Download