Overview

overview

3

Static

static

3

6894.exe

windows7-x64

3

6894.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 00:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6894.exe

  • Size

    2.6MB

  • MD5

    a09379ed01e92da719c12b5242bfca5d

  • SHA1

    c8fca882dfc9254a8ccb0c4f1dd520a386ec6893

  • SHA256

    2ef15b9e8ad4adc39b63f187f8e954cf20d75520dd9ec3e383404898a33fa1de

  • SHA512

    a9cf56166fefeccedd4d17b9192b594c91cf2eeb0f8754804e0418b829ca8115040c0033697c4ee17d8a38c0a79bd6bc6091b47639c1cca61e22aa2791311755

  • SSDEEP

    49152:Hl+h+1qs0Y/BTmvuGjHnevq8o1i0ALR1brG:HlK+19VerjHnesqbbrG

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6894.exe
    "C:\Users\Admin\AppData\Local\Temp\6894.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2992

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2992-0-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2992-1-0x0000000000400000-0x0000000000640000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2992-3-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download