5699604d46e7ee553090135f7afd09c03f5f4f4bfb45e3add02b503ff648824d

Analysis

max time kernel
29s
max time network
129s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 22:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1e4e56d8718ded1668f40c6f156f9893.exe
Size

1.2MB
MD5

1e4e56d8718ded1668f40c6f156f9893
SHA1

746ac3d4a1e28c90090200ec19fc3fc6c9ff4d00
SHA256

5699604d46e7ee553090135f7afd09c03f5f4f4bfb45e3add02b503ff648824d
SHA512

c5c790ac07fb39e6da0d1624b0b93646ee0b11e0ae5697e1729ed72ef6bbcf7d6afe87bcccb1f891434c04b7360b0844a86023105c8a93801add9f40eb8ee1de
SSDEEP

6144:Ae34MvEq1zQbe9DP3lpr4jAxLY6M6EVagK4:JVzQcbRx9CVPN

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 5 IoCs

pid	Process
2384	1e4e56d8718ded1668f40c6f156f9893.exe
2384	1e4e56d8718ded1668f40c6f156f9893.exe
2384	1e4e56d8718ded1668f40c6f156f9893.exe
2384	1e4e56d8718ded1668f40c6f156f9893.exe
2384	1e4e56d8718ded1668f40c6f156f9893.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\1e4e56d8718ded1668f40c6f156f9893.exe
"C:\Users\Admin\AppData\Local\Temp\1e4e56d8718ded1668f40c6f156f9893.exe"
1⤵
- Loads dropped DLL
PID:2384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
memory/2384-24-0x0000000001CB0000-0x0000000001CC2000-memory.dmp

Filesize
72KB

Download
memory/2384-38-0x0000000001CB0000-0x0000000001CC2000-memory.dmp

Filesize
72KB

Download