Overview

overview

7

Static

static

3

ea726b242e...2d.exe

windows7-x64

7

ea726b242e...2d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-02-2024 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d.exe

  • Size

    792KB

  • MD5

    5e29048bae5f331abe9d12f72b8fac42

  • SHA1

    5f826ef166544bdd5556864158e766d1a3341c62

  • SHA256

    ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d

  • SHA512

    d23cdf289a2d775af1396ba7a0465b168ba59ecd265d551824e613f04b8265bdc23dd95c5c3a3c6606ebcdcce1c2f14f3c763ebcdae5868125d74a894a141b54

  • SSDEEP

    12288:hHsWSv4xPciZNTRZt7xulIz5xOLSbpgll92B3++YnB9RJMY8vr:hgvQ1D2INxOY+TB9ReY8v

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d.exe
    "C:\Users\Admin\AppData\Local\Temp\ea726b242e190b4f199ccd42adff75f94e2223333f54298103716a90c4629d2d.exe"
    1⤵
    • Checks computer location settings
    PID:4612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\CyberLink\GDPRDlg\Shared\GDPRDlg.ini
    Filesize

    350B

    MD5

    b772959f769b40b201fbb754fe607a7b

    SHA1

    e44e61e13dc1f3409a18dcd18e01e753328d8430

    SHA256

    2580c489796c0f45fea83698f83438bdd8a3a3cf534ff4354d9f543348fe1615

    SHA512

    e4dbc22c9893bd1dd9eb34b8e1b7dd80f24c2781ce9e9980fbf3912699bc2205c59573c5dae485e2d2123cea990ff1cfdb6eb15ba7753d18627c337d40db0c1a

    Download Submit

  • memory/4612-4-0x00007FF724AD0000-0x00007FF724C55000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/4612-26-0x00007FF724AD0000-0x00007FF724C55000-memory.dmp

    Filesize

    1.5MB

    Download