Overview

overview

3

Static

static

3

5883.exe

windows7-x64

3

5883.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2024, 06:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5883.exe

  • Size

    2.3MB

  • MD5

    204e0d31d5c3b252f2a5e5c865e0b0af

  • SHA1

    51082d4af6ec335b8e388d9684e517073eb1dce6

  • SHA256

    6e04b3ebe2c676ec765b57359bdff28642425f88a9e85045b473ea569dfe22c9

  • SHA512

    00f8c3f94aa10fbcfaea41b13102f2a0690d3dd73b3a33a12eeeea64ad769a90ddfcf18d8f12050e7e6250a8c359e29fdb1948fe3c4b04c0f818b8b2f3f5fa7f

  • SSDEEP

    24576:lelo5jh+9b8SL1lAdL5+FPI3YqOcHQSFablTmVfKxquGjHneFUJfKlaZ+nJ:Al+h+1qs0Y/BTmVuGjHnevlig

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5883.exe
    "C:\Users\Admin\AppData\Local\Temp\5883.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2932

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2932-0-0x00000000003B0000-0x00000000003B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2932-1-0x0000000000400000-0x0000000000640000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2932-3-0x00000000003B0000-0x00000000003B1000-memory.dmp

          Filesize

          4KB

          Download