169d2833aa4bcf1af90eb808fa63a8c4ad3d9991a5301c105f12f4f7f4cdf9cf

Analysis

max time kernel
157s
max time network
172s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 04:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

540c1de477d4e34e805ba3fee1705e6a.exe
Size

2.0MB
MD5

540c1de477d4e34e805ba3fee1705e6a
SHA1

973ee41c865809a2101ffe0617eda28c8e340a06
SHA256

169d2833aa4bcf1af90eb808fa63a8c4ad3d9991a5301c105f12f4f7f4cdf9cf
SHA512

33cc49cb85144a07f3ef00e059d3e4ac53b0037a25e998a19ce07a723d6a245406785b0c7ced1211e7a06ed853bb5fdfaa5c4858b8c1b2347057d530b000e093
SSDEEP

6144:pid/gfFSJL9ZqFGgXtZbkXuWyyzR221HBb1KpraavzUk7ZUqQ0J7t4OT5ekg+19w:9cZAGSVW911Hx1AraavokOJGbEi9PY

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\540c1de477d4e34e805ba3fee1705e6a.lnk	540c1de477d4e34e805ba3fee1705e6a.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\Bidaily Synchronize Task.job	540c1de477d4e34e805ba3fee1705e6a.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\540c1de477d4e34e805ba3fee1705e6a.exe
"C:\Users\Admin\AppData\Local\Temp\540c1de477d4e34e805ba3fee1705e6a.exe"
1⤵
- Drops startup file
- Drops file in Windows directory
PID:1468

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1468-1-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/1468-0-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/1468-2-0x00000000006D0000-0x00000000006D1000-memory.dmp

Filesize
4KB

Download
memory/1468-4-0x0000000000E20000-0x0000000000E21000-memory.dmp

Filesize
4KB

Download
memory/1468-3-0x0000000000E10000-0x0000000000E11000-memory.dmp

Filesize
4KB

Download
memory/1468-6-0x00000000016F0000-0x00000000016F1000-memory.dmp

Filesize
4KB

Download
memory/1468-5-0x0000000000E30000-0x0000000000E31000-memory.dmp

Filesize
4KB

Download
memory/1468-7-0x0000000000E40000-0x0000000000E41000-memory.dmp

Filesize
4KB

Download
memory/1468-8-0x0000000001730000-0x0000000001731000-memory.dmp

Filesize
4KB

Download
memory/1468-9-0x0000000001750000-0x0000000001751000-memory.dmp

Filesize
4KB

Download
memory/1468-10-0x0000000001760000-0x0000000001761000-memory.dmp

Filesize
4KB

Download
memory/1468-11-0x0000000001770000-0x0000000001771000-memory.dmp

Filesize
4KB

Download
memory/1468-13-0x0000000001790000-0x0000000001791000-memory.dmp

Filesize
4KB

Download
memory/1468-12-0x0000000001780000-0x0000000001781000-memory.dmp

Filesize
4KB

Download
memory/1468-14-0x0000000003B90000-0x0000000003B91000-memory.dmp

Filesize
4KB

Download
memory/1468-15-0x0000000003BA0000-0x0000000003BA1000-memory.dmp

Filesize
4KB

Download
memory/1468-16-0x0000000003BB0000-0x0000000003BB1000-memory.dmp

Filesize
4KB

Download
memory/1468-17-0x0000000003BC0000-0x0000000003BC1000-memory.dmp

Filesize
4KB

Download
memory/1468-18-0x0000000003BD0000-0x0000000003BD1000-memory.dmp

Filesize
4KB

Download
memory/1468-19-0x00000000043F0000-0x00000000043F1000-memory.dmp

Filesize
4KB

Download
memory/1468-20-0x0000000003B80000-0x0000000003B81000-memory.dmp

Filesize
4KB

Download
memory/1468-21-0x0000000004400000-0x0000000004401000-memory.dmp

Filesize
4KB

Download
memory/1468-22-0x0000000004440000-0x0000000004441000-memory.dmp

Filesize
4KB

Download
memory/1468-23-0x0000000004410000-0x000000000443F000-memory.dmp

Filesize
188KB

Download
memory/1468-24-0x0000000004450000-0x0000000004451000-memory.dmp

Filesize
4KB

Download
memory/1468-28-0x0000000004460000-0x0000000004461000-memory.dmp

Filesize
4KB

Download
memory/1468-29-0x0000000003760000-0x0000000003761000-memory.dmp

Filesize
4KB

Download
memory/1468-30-0x0000000003770000-0x0000000003771000-memory.dmp

Filesize
4KB

Download
memory/1468-31-0x0000000003780000-0x0000000003781000-memory.dmp

Filesize
4KB

Download
memory/1468-32-0x0000000003790000-0x0000000003791000-memory.dmp

Filesize
4KB

Download
memory/1468-33-0x00000000037A0000-0x00000000037A1000-memory.dmp

Filesize
4KB

Download
memory/1468-44-0x0000000006470000-0x0000000006471000-memory.dmp

Filesize
4KB

Download