Analysis

  • max time kernel
    119s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    03/01/2024, 15:40

General

  • Target

    b2aa04650d424297b95f9b2908821bcd.exe

  • Size

    860KB

  • MD5

    b2aa04650d424297b95f9b2908821bcd

  • SHA1

    165c3b37d1337b03c2c24343ac95ecd4e1a8b8f1

  • SHA256

    d9e1d385733bd792dec1fc92d173c6c46f32c8fceb64b9247cf7d3162b5a37b9

  • SHA512

    ab8f63d958bfdfcfc8ecdce2e2f03e43b69698412902b40a56d47afac1433dfef81dc253121fd7b2bd1323a8b3bd7126f63b70f1be6685efeab5a7ed1a8f862a

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1D:Hha8iAx+1zwjJHd6vB/ANMfuoYY

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\b2aa04650d424297b95f9b2908821bcd.exe
    "C:\Users\Admin\AppData\Local\Temp\b2aa04650d424297b95f9b2908821bcd.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2472

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Windows\SysWOW64\AVSCANNER.EXE

          Filesize

          870KB

          MD5

          37e87ebe96d1202f33dfcfd605a697be

          SHA1

          6fc58d24f9f3c264a395d59c05ad85d241917fce

          SHA256

          5228e253cf645fceab578f615ed9c00530e6de7bb2f7e6d99e1e1794ead4ed77

          SHA512

          7dde70617878d13146245ee45379ab880b08609881fabd2ec079de5569571f9c18212caab10f8fcddd7f7cfa820161f5a0db162bbbfa810b699077973b4ed82d

        • memory/2472-0-0x0000000000400000-0x000000000044C000-memory.dmp

          Filesize

          304KB

        • memory/2472-7-0x0000000000400000-0x000000000044C000-memory.dmp

          Filesize

          304KB