e5d081ab0e4d96c83e8e4bde59dcb13dd679445da05f8185b8e402c1a83eb2ac

Analysis

max time kernel
117s
max time network
135s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13-01-2024 01:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

57a566bb5c9813a832ac8a4eb3e2f2b5.exe
Size

5.0MB
MD5

57a566bb5c9813a832ac8a4eb3e2f2b5
SHA1

0ba0f608c8d6550e2be2f5204bd4e1bfd777219f
SHA256

e5d081ab0e4d96c83e8e4bde59dcb13dd679445da05f8185b8e402c1a83eb2ac
SHA512

3200c8adf6c99302cf45cc3a5a85f3220601f2b6e983a4ade82a53e666586f1085339b2d7dddfd2524b0c4e03ad2e28743fe07f53f961efddfd951e0ab1cf012
SSDEEP

98304:6ieYAw/APKRlcaANKwPyOxO36lp4mm7696yUW+gd2Cz6PzZE7FifG:1N/Q+c4wPyIG6ny64yUW+gd2C+lEEu

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
1756	57a566bb5c9813a832ac8a4eb3e2f2b5.exe
1756	57a566bb5c9813a832ac8a4eb3e2f2b5.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\57a566bb5c9813a832ac8a4eb3e2f2b5.exe
"C:\Users\Admin\AppData\Local\Temp\57a566bb5c9813a832ac8a4eb3e2f2b5.exe"
1⤵
- Loads dropped DLL
PID:1756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\gentee00\gentee.dll

Filesize
96KB

MD5
52a8e86ecb39f5bb63b26d4621f8e698

SHA1
51bd9538dc02193e60a35cca499d9a737dfd4e7f

SHA256
ca48e49874eac27d5dd57878de190dd9ae7f76976e1bb095adc002e37fddc709

SHA512
198c6535cdb82420ccd069b496461fc6c9026070188a16a6914f145e8552e1d28def044dab9c2c11bd241bb5c2491c8e8f5b814906ee43db57cb1e87c728438a

Download Submit
\Users\Admin\AppData\Local\Temp\gentee00\guig.dll

Filesize
20KB

MD5
2eaed54cdb5fdb8e6251de8dcd4ec25a

SHA1
597d55b4c90922bfa3e32641316401ccc38bd75a

SHA256
93798ebd08698389485fc9a05a802ca8ae06033c955ed2f3728333ab7584a0ba

SHA512
a1af6506051ebf5aa89700a2430e96f6d4cff078ea5a9285a2a065349482315b4bb92c809c2021898beeb1e0e2ffb4bdb9fbc7941041664eb9e0749f00653a30

Download Submit