Overview

overview

7

Static

static

3

7c302d4b0a...7b.exe

windows7-x64

7

7c302d4b0a...7b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 04:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7c302d4b0a9638a87e705c314d232f7b.exe

  • Size

    46KB

  • MD5

    7c302d4b0a9638a87e705c314d232f7b

  • SHA1

    7fca42b6c8ea5149b5c38bd39beaf1a1f8419f04

  • SHA256

    f11b6701a12547a33a4119d22544a3e07e04c24cd0ecb9ca20561303784542b4

  • SHA512

    ca8704a42b12758f1a0e9a5db98dd4fa92f3e53d25d521ee97767b3a462820f7934587fbd3530fe409d46a356aedb01fd7305893afc917373a6b9e2fbf962cb2

  • SSDEEP

    768:d0CtJAMoLnnvWWPSSRyU40BMvGgYZEHBGBAVb3ziNqGULQ3lYAZlX5:d0cboDvRPSS1TBMvVuEhR6NqGsOlYsl

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7c302d4b0a9638a87e705c314d232f7b.exe
    "C:\Users\Admin\AppData\Local\Temp\7c302d4b0a9638a87e705c314d232f7b.exe"
    1⤵
    • Checks computer location settings
    PID:1208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1208-0-0x00000000006B0000-0x00000000006BF000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1208-1-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1208-2-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1208-43-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1208-45-0x00000000006B0000-0x00000000006BF000-memory.dmp

    Filesize

    60KB

    Download