129e52b2c93cc026192d8cc216c345ec4492e9f67e6e0a80daa3619c6857574e

General

Target

3f7feb8491c4b21321d60b2422d82e97.exe
Size

6.1MB
MD5

3f7feb8491c4b21321d60b2422d82e97
SHA1

4718dd599d5ae6f08093d1bc251b3564d71b1fc2
SHA256

129e52b2c93cc026192d8cc216c345ec4492e9f67e6e0a80daa3619c6857574e
SHA512

24342cff0dfea810c5df9ef11d933d1d630fdfff6576b930d10db089ffac341cedd18fce9f1dc7d824578259cf4bd5fce443ca7a32ab15c90c5275a4e02e93c9
SSDEEP

196608:/GSGzpnyRAiW9M5tfKY3QbZHEpVsv1LpOrx:/GSGzpytW9egk7OdO

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\3f7feb8491c4b21321d60b2422d82e97.exe
"C:\Users\Admin\AppData\Local\Temp\3f7feb8491c4b21321d60b2422d82e97.exe"
1⤵
PID:3488

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Test-Connection www.google.com -Count 2 -BufferSize 128 -Delay 1
2⤵
PID:1960

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Test-Connection www.google.com -Count 2 -BufferSize 128 -Delay 1
2⤵
PID:4240

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Test-Connection www.google.com -Count 2 -BufferSize 128 -Delay 1
2⤵
PID:4728

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Test-Connection www.google.com -Count 2 -BufferSize 128 -Delay 1
2⤵
PID:1424

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1424-64-0x000001EA14DA0000-0x000001EA14DB0000-memory.dmp

Filesize
64KB

Download
memory/1424-68-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/1424-66-0x000001EA14DA0000-0x000001EA14DB0000-memory.dmp

Filesize
64KB

Download
memory/1424-63-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/1424-65-0x000001EA14DA0000-0x000001EA14DB0000-memory.dmp

Filesize
64KB

Download
memory/1960-14-0x0000025F65E80000-0x0000025F65E90000-memory.dmp

Filesize
64KB

Download
memory/1960-13-0x0000025F65E80000-0x0000025F65E90000-memory.dmp

Filesize
64KB

Download
memory/1960-12-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/1960-11-0x0000025F65C00000-0x0000025F65C22000-memory.dmp

Filesize
136KB

Download
memory/1960-15-0x0000025F65E80000-0x0000025F65E90000-memory.dmp

Filesize
64KB

Download
memory/1960-19-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/3488-108-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-90-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-683-0x000000001C6A0000-0x000000001C6B0000-memory.dmp

Filesize
64KB

Download
memory/3488-134-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-132-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-130-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-128-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-126-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-124-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-122-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-120-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-16-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/3488-1-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/3488-69-0x000000001C6A0000-0x000000001C6B0000-memory.dmp

Filesize
64KB

Download
memory/3488-70-0x000000001E5D0000-0x000000001EC10000-memory.dmp

Filesize
6.2MB

Download
memory/3488-72-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-74-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-71-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-76-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-78-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-80-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-82-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-84-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-86-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-88-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-118-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-94-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-92-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-96-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-100-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-102-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-98-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-104-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-106-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-0-0x00000000002E0000-0x000000000090A000-memory.dmp

Filesize
6.2MB

Download
memory/3488-110-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-112-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-114-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/3488-116-0x000000001E5D0000-0x000000001EC0C000-memory.dmp

Filesize
6.2MB

Download
memory/4240-34-0x000002096BD60000-0x000002096BD70000-memory.dmp

Filesize
64KB

Download
memory/4240-31-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/4240-33-0x000002096BD60000-0x000002096BD70000-memory.dmp

Filesize
64KB

Download
memory/4240-32-0x000002096BD60000-0x000002096BD70000-memory.dmp

Filesize
64KB

Download
memory/4240-36-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/4728-52-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/4728-50-0x000001A1B6B00000-0x000001A1B6B10000-memory.dmp

Filesize
64KB

Download
memory/4728-47-0x00007FFB4D7C0000-0x00007FFB4E281000-memory.dmp

Filesize
10.8MB

Download
memory/4728-48-0x000001A1B6B00000-0x000001A1B6B10000-memory.dmp

Filesize
64KB

Download
memory/4728-49-0x000001A1B6B00000-0x000001A1B6B10000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing