514b1a341085ddb15251112347277998a90769ec02a133080febbbb29ac20220

Analysis

max time kernel
0s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 07:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2d3c1e252ea7f6b3d7a3d3db2310726e.exe
Size

255KB
MD5

2d3c1e252ea7f6b3d7a3d3db2310726e
SHA1

c5321f83d53e9009c11ba17e2f6a7e096b6e37e4
SHA256

514b1a341085ddb15251112347277998a90769ec02a133080febbbb29ac20220
SHA512

da2276f1a58d9b7edcf1fb74a6d981eafaf690805cf7a3bc3307a867ded344459d7ef9dda256714c62aa1e03e72b0d4cec302b17425fc3dbb841d441c53bf1cf
SSDEEP

3072:PpRi+7FBkMT3F4mOeIEvOIky+/jG83HcxVidk0Li+zstBFCo:PpRi+ZBkcVXOKrkywGrqWDFCo

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\drivers\sermouse.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\SpatialGraphFilter.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\hidinterrupt.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\HpSAMD.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\intelppm.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\ipt.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\pciide.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\serenum.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iaStorAVC.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\lsi_sas2i.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\bridge.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\Drivers\UcmCx.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\circlass.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\NetAdapterCx.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\evbda.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\mausbip.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\DRIVERS\ndistapi.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\nvstor.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\sdbus.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\SDFRd.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\netvsc.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\rdpvideominiport.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\Drivers\msgpioclx.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iagpio.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\msgpiowin32.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\percsas2i.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\tpm.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\tunnel.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\BthA2dp.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\DRIVERS\ndiswan.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\PktMon.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\qwavedrv.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\amdgpio2.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\hidir.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\hidspi.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\lsi_sas.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\MSPQM.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\SerCx.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\acpipmi.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\EhStorTcgDrv.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\ItSas35i.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\NdisImPlatform.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\stexstor.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\Synth3dVsc.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\Acx01000.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\dam.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\mlx4_bus.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\pcmcia.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\DRIVERS\scfilter.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\SiSRaid2.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\MSTEE.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\raspptp.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\DRIVERS\ramdisk.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\vms3cap.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\cht4sx64.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\cht4vx64.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\hvservice.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\system32\drivers\MbbCx.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe
File opened for modification	C:\Windows\System32\drivers\scmbus.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys	2d3c1e252ea7f6b3d7a3d3db2310726e.exe

C:\Users\Admin\AppData\Local\Temp\2d3c1e252ea7f6b3d7a3d3db2310726e.exe
"C:\Users\Admin\AppData\Local\Temp\2d3c1e252ea7f6b3d7a3d3db2310726e.exe"
1⤵
- Drops file in Drivers directory
- Drops file in System32 directory
PID:4512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4512-1-0x0000000002D10000-0x0000000002D11000-memory.dmp

Filesize
4KB

Download
memory/4512-2-0x0000000002CF0000-0x0000000002D0B000-memory.dmp

Filesize
108KB

Download
memory/4512-0-0x0000000002CC0000-0x0000000002CEB000-memory.dmp

Filesize
172KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads