Overview

overview

3

Static

static

1

9c5cf463f4...a0.exe

windows7-x64

3

9c5cf463f4...a0.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/02/2024, 10:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9c5cf463f4764446062f6df34417a4b8870e0602860acc857fce31ac22e0dfa0.exe

  • Size

    6.6MB

  • MD5

    c9d348d416c2ed3da991ef3427f07cf9

  • SHA1

    b85ad8e8ad639fe69bf6242fcff4e4f38ad68d6d

  • SHA256

    9c5cf463f4764446062f6df34417a4b8870e0602860acc857fce31ac22e0dfa0

  • SHA512

    1d0f86a600a38daaf232e30946050dafb2d186ff973e3c67bad5bd6709efd3d01571caf3387d33f6ff6dc955bc47e851ea04e759a97d820349e7b7c83f94501f

  • SSDEEP

    98304:J7h7nDABG/p/t3VUhh/DGVXyqKzcVNfnC1XEa1a+UA:JF7ZNhVS/D2CDUNfnAXEaUA

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9c5cf463f4764446062f6df34417a4b8870e0602860acc857fce31ac22e0dfa0.exe
    "C:\Users\Admin\AppData\Local\Temp\9c5cf463f4764446062f6df34417a4b8870e0602860acc857fce31ac22e0dfa0.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1356-0-0x0000000000C20000-0x0000000000C21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1356-12-0x0000000000400000-0x0000000000AB2000-memory.dmp

    Filesize

    6.7MB

    Download

  • memory/1356-13-0x00007FFE5ACD0000-0x00007FFE5AE42000-memory.dmp

    Filesize

    1.4MB

    Download