10549ceed52da3aab6bfd03e867effe832861a9a645fc3702af16bf4a96b2551

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 17:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7ef2c1114af8faf6e4c86111c4024474.exe
Size

367KB
MD5

7ef2c1114af8faf6e4c86111c4024474
SHA1

1722c855f3d7e96f13b78dae0c2b8b8c16619910
SHA256

10549ceed52da3aab6bfd03e867effe832861a9a645fc3702af16bf4a96b2551
SHA512

03ef61168ba07abc18b946b32a6e00173da75db0a9beef173f11be5e2866dd2cfb4bc98b5021cab2ac2b2045618db5b7a6960c8a0e5528d765028b0ec232a430
SSDEEP

6144:dPfQwGCu7fWDISwpDJ84Y9Y2h1IJggpuZACMb9himxi7H0By9ybU:hYwGp7fWDelDeO+AIWxy9yI

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7ef2c1114af8faf6e4c86111c4024474.lnk	7ef2c1114af8faf6e4c86111c4024474.exe

Loads dropped DLL 1 IoCs

pid	Process
2928	7ef2c1114af8faf6e4c86111c4024474.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\7ef2c1114af8faf6e4c86111c4024474.exe
"C:\Users\Admin\AppData\Local\Temp\7ef2c1114af8faf6e4c86111c4024474.exe"
1⤵
- Drops startup file
- Loads dropped DLL
PID:2928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\ProgramData\{3cea31f1-f28e-15eb-3cea-a31f1f28c7c7}\7ef2c1114af8faf6e4c86111c4024474.exe

Filesize
367KB

MD5
7ef2c1114af8faf6e4c86111c4024474

SHA1
1722c855f3d7e96f13b78dae0c2b8b8c16619910

SHA256
10549ceed52da3aab6bfd03e867effe832861a9a645fc3702af16bf4a96b2551

SHA512
03ef61168ba07abc18b946b32a6e00173da75db0a9beef173f11be5e2866dd2cfb4bc98b5021cab2ac2b2045618db5b7a6960c8a0e5528d765028b0ec232a430

Download Submit
memory/2928-16-0x0000000000670000-0x0000000000671000-memory.dmp

Filesize
4KB

Download
memory/2928-8-0x00000000001E0000-0x00000000001E1000-memory.dmp

Filesize
4KB

Download
memory/2928-2-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/2928-1-0x0000000000080000-0x0000000000081000-memory.dmp

Filesize
4KB

Download
memory/2928-12-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/2928-24-0x0000000000680000-0x0000000000681000-memory.dmp

Filesize
4KB

Download
memory/2928-23-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/2928-22-0x0000000000030000-0x0000000000032000-memory.dmp

Filesize
8KB

Download
memory/2928-21-0x0000000000720000-0x0000000000721000-memory.dmp

Filesize
4KB

Download
memory/2928-20-0x00000000006B0000-0x00000000006B1000-memory.dmp

Filesize
4KB

Download
memory/2928-19-0x00000000006D0000-0x00000000006D1000-memory.dmp

Filesize
4KB

Download
memory/2928-18-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/2928-17-0x0000000000690000-0x0000000000691000-memory.dmp

Filesize
4KB

Download
memory/2928-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2928-3-0x0000000000180000-0x0000000000181000-memory.dmp

Filesize
4KB

Download
memory/2928-15-0x0000000000660000-0x0000000000661000-memory.dmp

Filesize
4KB

Download
memory/2928-6-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2928-11-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/2928-10-0x00000000005D0000-0x00000000005D1000-memory.dmp

Filesize
4KB

Download
memory/2928-9-0x00000000001B0000-0x00000000001B2000-memory.dmp

Filesize
8KB

Download
memory/2928-14-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download
memory/2928-7-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2928-13-0x00000000005E0000-0x00000000005E1000-memory.dmp

Filesize
4KB

Download
memory/2928-5-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/2928-25-0x0000000000770000-0x0000000000771000-memory.dmp

Filesize
4KB

Download
memory/2928-26-0x00000000006F0000-0x000000000071C000-memory.dmp

Filesize
176KB

Download
memory/2928-28-0x00000000009A0000-0x00000000009A1000-memory.dmp

Filesize
4KB

Download
memory/2928-31-0x0000000000CA0000-0x0000000000CA1000-memory.dmp

Filesize
4KB

Download
memory/2928-4-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/2928-39-0x0000000000CD0000-0x0000000000CD1000-memory.dmp

Filesize
4KB

Download