02c5809c2873158dd160fd0bfa85d18f6e6a08c15b430d6d9053e53b0cc0bbe4

Analysis

max time kernel
141s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29/01/2024, 04:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7edb54524c64f3fd4d120a9a1b49678b.exe
Size

56KB
MD5

7edb54524c64f3fd4d120a9a1b49678b
SHA1

7dacc91a3da5cf3e9153c713bd7383b3bec596e6
SHA256

02c5809c2873158dd160fd0bfa85d18f6e6a08c15b430d6d9053e53b0cc0bbe4
SHA512

8d5e476b0e7953efc4e40559a74356fac105e15568298afa8056a99456d715f2e6163bd6f7addeb961ccbd9a7e88e7159cf8c38b737485728d63a3266bc436bd
SSDEEP

1536:ygyJ4Hhv/ZQu6eoOwLrnqSKiQ0tBI0WD+sceZ:/yJ+hvhQ/eoZLri50tTWD+scE

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\drivers\NDKPing.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\parport.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\usbser.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\uaspstor.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\mshidkmdf.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\rdpdr.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\USBSTOR.SYS	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\terminpt.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\DRIVERS\wdiwifi.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\AcpiDev.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DRIVERS\ndiswan.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\serenum.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\ipt.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\lsi_sas3i.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\MSTEE.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\vmstorfl.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\VMBusHID.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\lsi_sss.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\rfcomm.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\ufxsynopsys.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\drivers\kbldfltr.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\amdi2c.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\bthmodem.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\vwifibus.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSSi_I2C.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\xboxgip.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\intelide.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\ipnat.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\drivers\ufx01000.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\percsas2i.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\percsas3i.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\megasas.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\drivers\NetAdapterCx.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\Drivers\Null.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\1394ohci.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\cht4vx64.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\hidinterrupt.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\pmem.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\serial.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DRIVERS\wanarp.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\acpitime.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\dmvsc.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\sdstor.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\tunnel.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\isapnp.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\drivers\udecx.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\UsbHub3.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\amdk8.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\usbprint.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\msiscsi.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\rasl2tp.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\system32\drivers\dam.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\usbohci.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\iaLPSS2i_I2C.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\SiSRaid2.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\TsUsbGD.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\umpass.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\mshidumdf.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\MSPQM.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\drivers\MTConfig.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DRIVERS\NDProxy.sys	7edb54524c64f3fd4d120a9a1b49678b.exe

Drops file in System32 directory 6 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys	7edb54524c64f3fd4d120a9a1b49678b.exe
File opened for modification	C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys	7edb54524c64f3fd4d120a9a1b49678b.exe

C:\Users\Admin\AppData\Local\Temp\7edb54524c64f3fd4d120a9a1b49678b.exe
"C:\Users\Admin\AppData\Local\Temp\7edb54524c64f3fd4d120a9a1b49678b.exe"
1⤵
- Drops file in Drivers directory
- Drops file in System32 directory
PID:960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/960-0-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/960-1-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/960-2-0x00000000004C0000-0x00000000004C6000-memory.dmp

Filesize
24KB

Download
memory/960-3-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads