240e7b617eca69e3bbfef4c1efd1780af77f0dd72af29b6bbf00223d691ee099

Analysis

max time kernel
89s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
27/01/2024, 18:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7afdbdf86a845f1e8018e31165958378.exe
Size

538KB
MD5

7afdbdf86a845f1e8018e31165958378
SHA1

a535edef22b344e1f7131cb73923ff8a246cdf23
SHA256

240e7b617eca69e3bbfef4c1efd1780af77f0dd72af29b6bbf00223d691ee099
SHA512

10591f130560aed7e8065cc9306efcee3e3c3d7d6e94649a14c2a18ddd54d1a6142ca70a783456eb21347f14b164451286c7926cfa526e6eb64ebdbda2ed9589
SSDEEP

6144:ah8E0YULP2ZoV0vV/2hkLC4AU3z1cCXRJh1rL1P5o/9J+yEoXJIVe2Jf05oPJM7w:ah87bd0NeiC4A2Zrh5pUge2JNm2sY

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7afdbdf86a845f1e8018e31165958378.lnk	7afdbdf86a845f1e8018e31165958378.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\7afdbdf86a845f1e8018e31165958378.exe
"C:\Users\Admin\AppData\Local\Temp\7afdbdf86a845f1e8018e31165958378.exe"
1⤵
- Drops startup file
PID:2180

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2180-0-0x00000000005D0000-0x00000000005D1000-memory.dmp

Filesize
4KB

Download
memory/2180-2-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/2180-1-0x00000000005E0000-0x00000000005E2000-memory.dmp

Filesize
8KB

Download
memory/2180-3-0x0000000000D60000-0x0000000000D61000-memory.dmp

Filesize
4KB

Download
memory/2180-4-0x0000000000D80000-0x0000000000D81000-memory.dmp

Filesize
4KB

Download
memory/2180-5-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

Filesize
4KB

Download
memory/2180-7-0x0000000000E40000-0x0000000000E41000-memory.dmp

Filesize
4KB

Download
memory/2180-6-0x0000000000E30000-0x0000000000E31000-memory.dmp

Filesize
4KB

Download
memory/2180-8-0x0000000000E50000-0x0000000000E51000-memory.dmp

Filesize
4KB

Download
memory/2180-9-0x0000000000E60000-0x0000000000E61000-memory.dmp

Filesize
4KB

Download
memory/2180-12-0x0000000000E90000-0x0000000000E91000-memory.dmp

Filesize
4KB

Download
memory/2180-11-0x0000000000E80000-0x0000000000E81000-memory.dmp

Filesize
4KB

Download
memory/2180-10-0x0000000000E70000-0x0000000000E71000-memory.dmp

Filesize
4KB

Download
memory/2180-13-0x0000000000E10000-0x0000000000E12000-memory.dmp

Filesize
8KB

Download
memory/2180-14-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/2180-16-0x00000000013F0000-0x00000000013F1000-memory.dmp

Filesize
4KB

Download
memory/2180-15-0x0000000000F00000-0x0000000000F01000-memory.dmp

Filesize
4KB

Download
memory/2180-17-0x0000000001400000-0x0000000001401000-memory.dmp

Filesize
4KB

Download
memory/2180-19-0x0000000001420000-0x0000000001421000-memory.dmp

Filesize
4KB

Download
memory/2180-18-0x0000000000ED0000-0x0000000000ED1000-memory.dmp

Filesize
4KB

Download
memory/2180-20-0x0000000000D90000-0x0000000000D91000-memory.dmp

Filesize
4KB

Download
memory/2180-23-0x0000000000EA0000-0x0000000000ECC000-memory.dmp

Filesize
176KB

Download
memory/2180-22-0x0000000000E20000-0x0000000000E21000-memory.dmp

Filesize
4KB

Download
memory/2180-21-0x0000000000DA0000-0x0000000000DA1000-memory.dmp

Filesize
4KB

Download
memory/2180-24-0x0000000000EE0000-0x0000000000EE1000-memory.dmp

Filesize
4KB

Download
memory/2180-27-0x0000000001440000-0x0000000001441000-memory.dmp

Filesize
4KB

Download
memory/2180-30-0x0000000001430000-0x0000000001431000-memory.dmp

Filesize
4KB

Download
memory/2180-26-0x0000000001410000-0x0000000001411000-memory.dmp

Filesize
4KB

Download
memory/2180-31-0x0000000001520000-0x0000000001521000-memory.dmp

Filesize
4KB

Download
memory/2180-38-0x0000000001530000-0x0000000001531000-memory.dmp

Filesize
4KB

Download