Analysis

  • max time kernel
    147s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 23:27

General

  • Target

    06e844803c6967e7a6d2c6e06b7cd2d0.exe

  • Size

    984KB

  • MD5

    06e844803c6967e7a6d2c6e06b7cd2d0

  • SHA1

    a8196ba24720f65d0a4dc37c2762d30fede47cbd

  • SHA256

    d12538eb8e2954bfc67cf14114982cdbb400ba5c25c82332d75bf423294e3e67

  • SHA512

    6c229be0b1eb1597c637c76d6302064442f5de8e0079470668d72627cc56cd55c0feeebb222f6e3e16fb38a8be41dadbc200fbe3d75c6cab6edc43827fdcce72

  • SSDEEP

    24576:DKpHUmzE0Wzo9AlXvtGXzIrvdTka9PG5Lo6qX8Jp8Zixl4M:mamGoylXvtG2iU

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Enumerates connected drives 3 TTPs 2 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious behavior: EnumeratesProcesses 51 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06e844803c6967e7a6d2c6e06b7cd2d0.exe
    "C:\Users\Admin\AppData\Local\Temp\06e844803c6967e7a6d2c6e06b7cd2d0.exe"
    1⤵
    • Adds Run key to start application
    • Enumerates connected drives
    • Suspicious behavior: EnumeratesProcesses
    PID:2824

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads