Overview

overview

6

Static

static

1

5cb202408d...88.exe

windows7-x64

6

5cb202408d...88.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 07:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5cb202408ddf2b8a8b94a86013e4df88.exe

  • Size

    325KB

  • MD5

    5cb202408ddf2b8a8b94a86013e4df88

  • SHA1

    73123c5453c9fa590ae86bf512ffd39c0691a520

  • SHA256

    2425edf35bde090fd2bdbf4179b9dcc9b396b2249bae6eeaf1c49c3f67577190

  • SHA512

    6587cda684fd5aac03ed968d9340461099824f582947e246767508f6f5983c56d35b5c480eadc2362facf271ea32e2da08e12620b85842c8f739d4be6ac62c9d

  • SSDEEP

    6144:KQl313aAKsdIT+LmZmz6dQ0np2q17TqnX4iPednUYg2r3dV:zlF3Mn6LY+0npX1inX4uO3dV

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Maps connected drives based on registry 3 TTPs 2 IoCs

    Disk information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5cb202408ddf2b8a8b94a86013e4df88.exe
    "C:\Users\Admin\AppData\Local\Temp\5cb202408ddf2b8a8b94a86013e4df88.exe"
    1⤵
    • Maps connected drives based on registry
    • Drops file in Windows directory
    PID:2084

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2084-1-0x0000000001200000-0x0000000001240000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2084-2-0x0000000000370000-0x000000000039F000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2084-9-0x0000000000310000-0x0000000000337000-memory.dmp

          Filesize

          156KB

          Download