Analysis
max time kernel: 136s
max time network: 144s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-01-2024 15:59
Static task
static1
Behavioral task
behavioral1
Sample
74cabf10446de5f4067216cb698de00c.exe
Resource
win7-20231215-en
General
Target: 74cabf10446de5f4067216cb698de00c.exe
Size: 728KB
MD5: 74cabf10446de5f4067216cb698de00c
SHA1: 3a746c65837341cb68cd651f781612b0ed77d126
SHA256: 7c75119a845ed6e7e3415c7446882088b040a0a3c5a59447679309da6484e700
SHA512: aa2a88b80a96c264c149ee37db2c3ef856e065bdc1bc3fafa495eca022b0043916142093abfdab2f2f8a4970811e0c625a041a32ed9707a6d297bb0c0644ea0d
SSDEEP: 12288:kxXiyygWsXSNBhn6FrwHmJqt4ioLpkvpTL8lY9crZgoctmTXc1E/ZHuy5eM:SyOWXNBhk30pTJ9crZgoBTXckZHtgM
Malware Config
Signatures

Checks BIOS information in registry (2 TTPs, 1 IoCs)
BIOS information is often read in order to detect sandboxing environments.
Processes: 74cabf10446de5f4067216cb698de00c.exe
  description: Key value queried
  ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
  process: 74cabf10446de5f4067216cb698de00c.exe

Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes: 74cabf10446de5f4067216cb698de00c.exe
  description: Key opened
  ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
  process: 74cabf10446de5f4067216cb698de00c.exe

  description: Key value queried
  ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier
  process: 74cabf10446de5f4067216cb698de00c.exe

Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: 74cabf10446de5f4067216cb698de00c.exe
  pid: 3540  process: 74cabf10446de5f4067216cb698de00c.exe
  pid: 3540  process: 74cabf10446de5f4067216cb698de00c.exe
  pid: 3540  process: 74cabf10446de5f4067216cb698de00c.exe
  pid: 3540  process: 74cabf10446de5f4067216cb698de00c.exe