Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system -
submitted
30/12/2023, 23:07
Static task
static1
Behavioral task
behavioral1
Sample
1f6e65e42febf4b357fd2b4981db00e4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1f6e65e42febf4b357fd2b4981db00e4.exe
Resource
win10v2004-20231222-en
General
-
Target
1f6e65e42febf4b357fd2b4981db00e4.exe
-
Size
699KB
-
MD5
1f6e65e42febf4b357fd2b4981db00e4
-
SHA1
5767ebe370981cb5ce2bbca7ce0e8c91bc6c3f3b
-
SHA256
b903deba25f4266e16f1768f3614a5901e3ff54f9cab4cc8662fb591db84ace6
-
SHA512
c633a13da9ba46048441c681d8455380b701c674a9a9bbd190c49a580b2d7ebf4cbfa85817bbd09b84f762b0795638418ef4f4e15c97b15d56a92da98728a8a7
-
SSDEEP
12288:phTCpOy31N9JttJKsxfpbFl7JzWHWmOgl71mQlbiwsXkMmNb1fi++IVGAml:phGA4BfnKslZ/EHWmOs1D9sXfYNVGP
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
pid Process
2976 1f6e65e42febf4b357fd2b4981db00e4.exe
2976 1f6e65e42febf4b357fd2b4981db00e4.exe
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2976 1f6e65e42febf4b357fd2b4981db00e4.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
747B
-
Filesize
13KB