79175bf30ebc380655402a8dd42febc064b41f98b593697a9c9c384052641bf2

Analysis

max time kernel
172s
max time network
187s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 07:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5c46bed146c237e8b34d55d6320f8d40.exe
Size

72KB
MD5

5c46bed146c237e8b34d55d6320f8d40
SHA1

08650dcee6dc6ce5f1c355734f591e7de8972365
SHA256

79175bf30ebc380655402a8dd42febc064b41f98b593697a9c9c384052641bf2
SHA512

e87a3aab14a31c1feedc74192117ac2032d0423cb397389b5c22f8441440a10408a71a9b3b1e14511d226652915218460a87209e9cdb89f123a187d31a74e99c
SSDEEP

1536:AoA/A1KtJwxQltW5gjTeg5kdGIa0xUAzsR6saNB6:7AOgexjICaAzsR6saNB6

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Pinyin IME = "C:\\Users\\Admin\\AppData\\Local\\Temp\\5c46bed146c237e8b34d55d6320f8d40.exe"	5c46bed146c237e8b34d55d6320f8d40.exe

C:\Users\Admin\AppData\Local\Temp\5c46bed146c237e8b34d55d6320f8d40.exe
"C:\Users\Admin\AppData\Local\Temp\5c46bed146c237e8b34d55d6320f8d40.exe"
1⤵
- Adds Run key to start application
PID:3040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads