e96679545e13b7562cdb46f1572379df973891559ac6e265c53e4779d6f91659

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 00:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

461df9622debd542ab96de3a1c8e8676.exe
Size

68KB
MD5

461df9622debd542ab96de3a1c8e8676
SHA1

b4c22a0541803126023eefd0a16c20089a909eef
SHA256

e96679545e13b7562cdb46f1572379df973891559ac6e265c53e4779d6f91659
SHA512

d54cc6bb6be7cfcda06080106d0e8ef3ea12135955b6018d77584a6f996322ff5e6f462087cd1486cb4435ae2e77f7ea757a5e378784cf0d752a32af5bd0f441
SSDEEP

768:cci8nph3taWdfMRuQR4l0BfJ4uaXT1XZ/GL/OirYcSXF3xiB9vsQBela6MfsGU/W:ccVpts00dSuaXTD/GiiGeRSTasGc+cq

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Pinyin IME = "C:\\Users\\Admin\\AppData\\Local\\Temp\\461df9622debd542ab96de3a1c8e8676.exe"	461df9622debd542ab96de3a1c8e8676.exe

C:\Users\Admin\AppData\Local\Temp\461df9622debd542ab96de3a1c8e8676.exe
"C:\Users\Admin\AppData\Local\Temp\461df9622debd542ab96de3a1c8e8676.exe"
1⤵
- Adds Run key to start application
PID:3732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads