4a82077b793e0f8819d73de271a8bfd4160a5c549fadd1a0b8b8a86af7a85676 | Triage

Submit
Reports

Overview

overview

3

Static

static

3

2285.exe

windows7-x64

3

2285.exe

windows10-2004-x64

3

Analysis

max time kernel
220s
max time network
230s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30-12-2023 10:10

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2285.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2285.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

2285.exe
Size

2.5MB
MD5

2f725cf356a683c2dcc3b6087bf925d6
SHA1

fabd9037f00e1b9dd47a461af2eae67844e89b44
SHA256

b2682b92d88ad932441ea1c5caa2e105b066a787cc5ea9799ac5ed83f1475f6b
SHA512

0565c275409e90d4172879ed246b1603753704ce83ff1691c6272b7376100187da31c7d4bcce3b9116d06797bfd333167cc419f60fcf52d52a58f3735a8c14fb
SSDEEP

24576:pelo5jh+9b8SL1lAdL5+FPI3YqOcHQSFablTmVfnxquGjHneFUJfKPmSyjz0dNCY:El+h+1qs0Y/BTmauGjHnevPwj6NDDciv

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\2285.exe
"C:\Users\Admin\AppData\Local\Temp\2285.exe"
1⤵
PID:2564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2564-0-0x00000000023E0000-0x00000000023E1000-memory.dmp

Filesize
4KB

Download
memory/2564-1-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/2564-4-0x00000000023E0000-0x00000000023E1000-memory.dmp

Filesize
4KB

Download
memory/2564-5-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/2564-6-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/2564-7-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/2564-8-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/2564-10-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download

© 2018-2024

Terms | Privacy