Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28/02/2024, 00:43
General
-
Target
aa9260cc25a5133866099166b6e912e6.exe
-
Size
235KB
-
MD5
aa9260cc25a5133866099166b6e912e6
-
SHA1
1b1d15159f514a40d8b63e4151c573d2690423ab
-
SHA256
d3802c04f43765dd959f0e0cf38022b95eb045360d76ae1049402309980afe89
-
SHA512
1694bfa79c28fe883e8a9f0f289487434b3666e94df8ef5e350f9f6a5db0961420719b3c5c74545cfdd18ff5f4c903fe1a0e29e05376e2c2ffbe97a07324957e
-
SSDEEP
3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8rGpjBFy11A0:o68i3odBiTl2+TCU/RshuhukhuhugkZ
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in Windows directory 13 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\aa9260cc25a5133866099166b6e912e6.exe"C:\Users\Admin\AppData\Local\Temp\aa9260cc25a5133866099166b6e912e6.exe"1⤵
- Adds Run key to start application
- Drops file in Windows directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.execmd /c C:\Windows\bugMAKER.bat2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
76B
MD5abab6e22ef4d43e3d71f624647d5d0e2
SHA1893dd058752a35e981c0c746bd1eaff6c1369792
SHA25657f783814429be5974d23af198eca4d10835328883e2b01da4b627f3a5699bc1
SHA5123ff093e6bd683eaa23dddf037fdd9246eaf0e09244f4ba2bd105a83f92a7f843018d13cc040195ee5e9af850637e92ae8b1f37ebfe9f5aaba38eb49aecd0433c
-
Filesize
180KB
-
Filesize
4KB