Overview

overview

6

Static

static

1

4ee1f21d12...e5.exe

windows7-x64

6

4ee1f21d12...e5.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/01/2024, 17:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4ee1f21d126d693edcef493df0865de5.exe

  • Size

    253KB

  • MD5

    4ee1f21d126d693edcef493df0865de5

  • SHA1

    501f68aa86336f3cd31db15efdfad9312f958bf3

  • SHA256

    2090e6b4838f14a0d72984cb108472ca94fc123cf6306e236d5d157c6c3178bf

  • SHA512

    beac5cf35bf7f47f18d30ee4eb475884946e9c94525f3b60661ff784aa1cf44d0d224a6e545ce6261afbe1073363a2aee9456c2591095f4c6096ab3c5d1b4688

  • SSDEEP

    6144:18zVKMQuqxlEeAW1a4KFAxgw45npgxEKKl/dpz2ZQehNBvki36:+pxzQ67W1HVxgxpIEKK/Pz2ZQehNJkiq

Score
6/10

Malware Config

Signatures

  • Maps connected drives based on registry 3 TTPs 2 IoCs

    Disk information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4ee1f21d126d693edcef493df0865de5.exe
    "C:\Users\Admin\AppData\Local\Temp\4ee1f21d126d693edcef493df0865de5.exe"
    1⤵
    • Maps connected drives based on registry
    • Drops file in Windows directory
    PID:3476

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3476-0-0x0000000000C70000-0x0000000000C71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3476-3-0x0000000000CA0000-0x0000000000CA1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3476-9-0x0000000000CB0000-0x0000000000CD9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/3476-16-0x0000000000CB0000-0x0000000000CD9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/3476-18-0x0000000000CB0000-0x0000000000CD9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/3476-25-0x0000000000CB0000-0x0000000000CD9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/3476-12-0x0000000001410000-0x0000000001437000-memory.dmp

          Filesize

          156KB

          Download

        • memory/3476-5-0x00000000013E0000-0x000000000140F000-memory.dmp

          Filesize

          188KB

          Download

        • memory/3476-4-0x0000000000CB0000-0x0000000000CD9000-memory.dmp

          Filesize

          164KB

          Download

        • memory/3476-2-0x0000000000C90000-0x0000000000C91000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3476-1-0x0000000000C80000-0x0000000000C81000-memory.dmp

          Filesize

          4KB

          Download