e18c47ee417c27f86193d662d88b7e6a61026c30e965cad0aa1000827160df5a

Analysis

max time kernel
0s
max time network
8s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 05:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1055800e383ab5a9d889859c88acd975.exe
Size

548KB
MD5

1055800e383ab5a9d889859c88acd975
SHA1

30afc638805cbc08189887c07736b374631e3145
SHA256

e18c47ee417c27f86193d662d88b7e6a61026c30e965cad0aa1000827160df5a
SHA512

a8f97d44aaa88eaa67d40ecdec16cea2579e3d5f20a14a716b9313352b351e6ab53f7c056aa49c310ace4c3886b78cdbbf9fd51f4b080a6b3f10555dfd2dfcaa
SSDEEP

6144:VJLtlgLipkFYLV+1JHBF99geFDr6Oh5nW1h0p0tqJuxrGAj+nPbZXtK:rLzkFYLVo93FDrxn+B8JusAjiQ

Score

7^/10

Malware Config

Signatures

Checks BIOS information in registry 2 TTPs 2 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	1055800e383ab5a9d889859c88acd975.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate	1055800e383ab5a9d889859c88acd975.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D19BD7F7-F482-5226-8A9F-F28F29E0812C}	1055800e383ab5a9d889859c88acd975.exe

C:\Users\Admin\AppData\Local\Temp\1055800e383ab5a9d889859c88acd975.exe
"C:\Users\Admin\AppData\Local\Temp\1055800e383ab5a9d889859c88acd975.exe"
1⤵
- Checks BIOS information in registry
- Modifies registry class
PID:3904

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3904-0-0x0000000000400000-0x00000000004C5000-memory.dmp

Filesize
788KB

Download
memory/3904-2-0x00000000004D0000-0x000000000051D000-memory.dmp

Filesize
308KB

Download
memory/3904-9-0x0000000000400000-0x00000000004C5000-memory.dmp

Filesize
788KB

Download
memory/3904-12-0x0000000000400000-0x00000000004C5000-memory.dmp

Filesize
788KB

Download
memory/3904-11-0x00000000004D0000-0x000000000051D000-memory.dmp

Filesize
308KB

Download
memory/3904-10-0x00000000004D0000-0x000000000051D000-memory.dmp

Filesize
308KB

Download
memory/3904-8-0x0000000000400000-0x00000000004C5000-memory.dmp

Filesize
788KB

Download
memory/3904-7-0x0000000000400000-0x00000000004C5000-memory.dmp

Filesize
788KB

Download