Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    15/02/2024, 09:51

General

  • Target

    RFQ#RE_Q1_2100006461_SUPPLY_ABB_MATTERIALS_Waagner_Biro_Bridge_pdf.exe

  • Size

    431KB

  • MD5

    2d445bd0fd5ca61eb05f2a293e7e9ecb

  • SHA1

    4728f6650d9658ad6c9db2a1c01c88b0bd9be712

  • SHA256

    c5bbe31a17d4365500acaf7bd2fbfc10f8a0867d650e12b24e22efa239cfdb3d

  • SHA512

    a8939d865005272c265e8c235153bffad905d6cb28aabd9599e707d2e09f55e3fc876d85a68da75947df4af5dde7b2d81916bf5d53e3319194fe2eb16414fd30

  • SSDEEP

    6144:znPdudwDMyZL5OCSAPcWOkhdeocqhf06ITkmSiwvcU7RJKbZJ2AI/6QRkmBWjjr5:znPdjQOFlfoi0TTv9U77KbZJ2AmrYVj

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\RFQ#RE_Q1_2100006461_SUPPLY_ABB_MATTERIALS_Waagner_Biro_Bridge_pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\RFQ#RE_Q1_2100006461_SUPPLY_ABB_MATTERIALS_Waagner_Biro_Bridge_pdf.exe"
    1⤵
    • Loads dropped DLL
    PID:2404

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • \Users\Admin\AppData\Local\Temp\nsd5717.tmp\System.dll

          Filesize

          12KB

          MD5

          4add245d4ba34b04f213409bfe504c07

          SHA1

          ef756d6581d70e87d58cc4982e3f4d18e0ea5b09

          SHA256

          9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706

          SHA512

          1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d