Analysis
-
max time kernel
150s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
07-01-2024 21:43
General
-
Target
49d8e246441f1b3029d35d0c82146ca8.exe
-
Size
52KB
-
MD5
49d8e246441f1b3029d35d0c82146ca8
-
SHA1
3282512db8c863acfd5f10261492aea295314789
-
SHA256
2be200623d4e73547570cd27ad9cb85becb83e69da13849de243d3616dda9c59
-
SHA512
a3b429345b9b5ba0da5c040b08c982b6040a86fce69d5d9512e97acbfd5415f5e5fcad7dbca257dc7fc7beb9fa92c04685cad9eb217ea83cf234c7515b9e5224
-
SSDEEP
1536:Z+peUeBX7ccGd8F9cIQATcAkKU36vCb/Y9D8rpU4:wI1lpKkKRAYAzI6vCrY9Qrn
Malware Config
Signatures
-
Sets DLL path for service in the registry 2 TTPs 3 IoCs
-
Deletes itself 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in System32 directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\49d8e246441f1b3029d35d0c82146ca8.exe"C:\Users\Admin\AppData\Local\Temp\49d8e246441f1b3029d35d0c82146ca8.exe"1⤵
- Sets DLL path for service in the registry
- Loads dropped DLL
- Drops file in System32 directory
-
C:\Windows\SysWOW64\svchost.exeC:\Windows\SysWOW64\svchost.exe -k jhgcbq1⤵
- Deletes itself
- Loads dropped DLL
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
38KB
MD5a01d9d7ed42c5b0c2469e466e3d9b309
SHA1fecbe809aafec1fa93be880474501b80e907ed24
SHA256d60d68614e0756d74cc2303e2ee6662f87a04b5553b6df6664e25d94f8d5206a
SHA512cfdc46602f9072c1587aafeb395956b07a1dfdb92ad984084cdf21fcad4ac0f21978cea364c5996f9543855e7937e4459ab606b8585785b310156590a200d541
-
Filesize
124KB
-
Filesize
8KB
-
Filesize
124KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
124KB
-
Filesize
8KB
-
Filesize
124KB
-
Filesize
124KB
-
Filesize
124KB
-
Filesize
124KB
-
Filesize
124KB
-
Filesize
124KB
-
Filesize
8KB
-
Filesize
20KB
-
Filesize
124KB
-
Filesize
20KB
-
Filesize
8KB
-
Filesize
124KB
-
Filesize
124KB