Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29-12-2023 19:33

General

  • Target

    01dc5946bda6ace6420112adf1b0fe7e.exe

  • Size

    49KB

  • MD5

    01dc5946bda6ace6420112adf1b0fe7e

  • SHA1

    dc68625cc790513836cdbc3f813f821e737e5ee5

  • SHA256

    bbdfb5e43d3d1cf285c5778231d046af230cc2b3df2812dedd95d7d511a9d7c0

  • SHA512

    21595f101e96f77b73468d78e966b308a6b91a0e80c1a19b831259132c352cc75c1057b68d990f9af833d92681b3d4bcaf1e9130e4479b834df033baf28cc4c2

  • SSDEEP

    768:8uu0PYW5tbi1G1x4nIHELNh8CbhQiDUtrEgrqkcrM:8MPYW5tecx4nIkL7PtDUtYB

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\01dc5946bda6ace6420112adf1b0fe7e.exe
    "C:\Users\Admin\AppData\Local\Temp\01dc5946bda6ace6420112adf1b0fe7e.exe"
    1⤵
    • Checks computer location settings
    PID:2760

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2760-1-0x0000000000400000-0x0000000000414000-memory.dmp

    Filesize

    80KB

  • memory/2760-2-0x0000000000400000-0x0000000000414000-memory.dmp

    Filesize

    80KB

  • memory/2760-0-0x0000000002020000-0x0000000002034000-memory.dmp

    Filesize

    80KB

  • memory/2760-43-0x0000000000400000-0x0000000000414000-memory.dmp

    Filesize

    80KB