Analysis
-
max time kernel
132s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
submitted
28/02/2024, 19:59
Static task
static1
Behavioral task
behavioral1
Sample
acb8e654fc73460f04ad20977b6932a8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
acb8e654fc73460f04ad20977b6932a8.exe
Resource
win10v2004-20240226-en
General
-
Target
acb8e654fc73460f04ad20977b6932a8.exe
-
Size
72KB
-
MD5
acb8e654fc73460f04ad20977b6932a8
-
SHA1
bfd06e7bc5a9d44b6941d01cf40d60839c608ca3
-
SHA256
d40740578c0a7fd231a2bbfd4f08c1c1892b5fc54f75dd0aa28292a6f84df9b5
-
SHA512
97a85db48e1680e357c533437f55514cec90b7bc863a0530ce5be93ef5256edc02ee7eed30c68486b8381a3b507caea6f267334b6ce5c288e30938053654f7c7
-
SSDEEP
1536:yMWVD5fDOTiQS+uT+9oKBpHqiqcQwnsLd5BQOyKDyrS:x0VOTM5Tu2Ld4GDyrS
Malware Config
Signatures
-
Checks BIOS information in registry 2 TTPs 1 IoCs
BIOS information is often read in order to detect sandboxing environments.
description | ioc | Process
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | acb8e654fc73460f04ad20977b6932a8.exe
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
description | ioc | Process
Key value queried | \REGISTRY\USER\S-1-5-21-1904519900-954640453-4250331663-1000\Control Panel\International\Geo\Nation | acb8e654fc73460f04ad20977b6932a8.exe
Adds Run key to start application 2 TTPs 1 IoCs
description | ioc | Process
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Power Scan = "\"C:\\Program Files (x86)\\Power Scan\\powerscan.exe\" /aid:0" | acb8e654fc73460f04ad20977b6932a8.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 5 IoCs
description | ioc | Process
File created | C:\Program Files (x86)\Power Scan\uninstall.exe | acb8e654fc73460f04ad20977b6932a8.exe
File created | C:\Program Files (x86)\ISTsvc\istsvc.exe | acb8e654fc73460f04ad20977b6932a8.exe
File opened for modification | C:\Program Files (x86)\ISTsvc\istsvc.exe | acb8e654fc73460f04ad20977b6932a8.exe
File created | C:\Program Files (x86)\ISTbar\istbar.dll | acb8e654fc73460f04ad20977b6932a8.exe
File created | C:\Program Files (x86)\Power Scan\powerscan.exe | acb8e654fc73460f04ad20977b6932a8.exe
Drops file in Windows directory 1 IoCs
description | ioc | Process
File created | C:\Windows\brxbvxv.exe | acb8e654fc73460f04ad20977b6932a8.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | acb8e654fc73460f04ad20977b6932a8.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | acb8e654fc73460f04ad20977b6932a8.exe
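The two reads recorded above (SystemBiosVersion, and CentralProcessor\0\Identifier) are the usual inputs to a hypervisor fingerprint: the strings are compared against vendor markers and the sample changes behaviour if one matches. The following is an added illustration of that heuristic in Python; it is not code recovered from the sample or from the report, and the marker list, the sample strings and the function names are assumptions.

```python
"""Hypervisor fingerprint built from the two registry values the sample queried.

Added example. The marker list and the constructed sample strings are
assumptions, not values recovered from the sample or the report.
"""
import sys

# Substrings commonly found in firmware / CPU strings of virtual machines.
# Assumed list; a real sandbox should patch these values so none match.
VM_MARKERS = ("vbox", "virtualbox", "vmware", "qemu", "bochs", "xen",
              "hyper-v", "parallels", "innotek")


def looks_like_vm(bios_version, cpu_identifier):
    """Return True if either value carries a known hypervisor marker.

    bios_version is a list of strings (SystemBiosVersion is REG_MULTI_SZ);
    cpu_identifier is one string (CentralProcessor\\0\\Identifier is REG_SZ).
    """
    haystack = " ".join(list(bios_version) + [cpu_identifier]).lower()
    return any(marker in haystack for marker in VM_MARKERS)


def read_hardware_description():
    """Read the same two values the report lists as queried (Windows only)."""
    import winreg  # standard library, present only on Windows
    hklm = winreg.HKEY_LOCAL_MACHINE
    with winreg.OpenKey(hklm, r"HARDWARE\DESCRIPTION\System") as key:
        bios, _ = winreg.QueryValueEx(key, "SystemBiosVersion")
    with winreg.OpenKey(hklm, r"HARDWARE\DESCRIPTION\System\CentralProcessor\0") as key:
        cpu, _ = winreg.QueryValueEx(key, "Identifier")
    return bios, cpu


if __name__ == "__main__":
    if sys.platform == "win32":
        bios, cpu = read_hardware_description()
    else:
        # Constructed values so the heuristic can be exercised off Windows.
        bios, cpu = ["VBOX   - 1"], "Intel64 Family 6 Model 142 Stepping 10"
    print("VM markers found:", looks_like_vm(bios, cpu))
```

Two caveats for anyone reusing this as a detection signal: substring matching is noisy (corporate VDI desktops on VMware or Hyper-V trip the same markers, which is why malware usually combines several checks before bailing out), and these are registry *queries*, which Sysmon does not record (its registry events 12, 13 and 14 cover key create/delete, value set and rename only). The report saw them because the sandbox hooks the API; on a production host you would need a kernel registry callback or an ETW registry trace to observe them.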
Modifies Internet Explorer settings 2 IoCs
description | ioc | Process
Set value (str) | \REGISTRY\USER\S-1-5-21-1904519900-954640453-4250331663-1000\SOFTWARE\Microsoft\Internet Explorer\Main\BandRest = "Never" | acb8e654fc73460f04ad20977b6932a8.exe
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\BandRest = "Never" | acb8e654fc73460f04ad20977b6932a8.exe
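Of the signatures above, the ones a host can observe after the fact are the Run key write and the file drops, because those are registry value sets and file creates rather than queries. The following is an added example, not part of the report or of the sample, of hunting them in Sysmon-style telemetry: the events are constructed JSON lines using Sysmon's Event ID 11 (FileCreate) and 13 (RegistryEvent, value set) with the Image, TargetObject, TargetFilename and Details fields; the rule names and the thresholds are assumptions. Two of the rules are generic (a Run key set by a process running out of AppData\Local\Temp; a file created directly in the Windows root by a process that does not live under C:\Windows), the third matches the exact paths this report lists.

```python
"""Hunt the persistence and drop behaviours from the report in Sysmon-style events.

Added example. The event lines are constructed for illustration; the rule
names and the IoC list are taken from, or assumed around, the report above.
"""
import json
import re

# Constructed sample events (JSON lines, Sysmon field names). Not real telemetry.
SAMPLE_EVENTS = r"""
{"EventID": 13, "Image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\acb8e654fc73460f04ad20977b6932a8.exe", "TargetObject": "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run\\Power Scan", "Details": "\"C:\\Program Files (x86)\\Power Scan\\powerscan.exe\" /aid:0"}
{"EventID": 11, "Image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\acb8e654fc73460f04ad20977b6932a8.exe", "TargetFilename": "C:\\Windows\\brxbvxv.exe"}
{"EventID": 11, "Image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\acb8e654fc73460f04ad20977b6932a8.exe", "TargetFilename": "C:\\Program Files (x86)\\ISTsvc\\istsvc.exe"}
{"EventID": 13, "Image": "C:\\Program Files\\Vendor\\Updater.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorUpdate", "Details": "\"C:\\Program Files\\Vendor\\Updater.exe\" /quiet"}
{"EventID": 11, "Image": "C:\\Windows\\System32\\svchost.exe", "TargetFilename": "C:\\Windows\\Temp\\cab_1234.cab"}
"""

# Generic patterns (assumed thresholds, tune for your estate).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
TEMP_DIR_RE = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)
WINDOWS_ROOT_RE = re.compile(r"^[A-Z]:\\Windows\\[^\\]+$", re.IGNORECASE)

# Exact dropped-file paths from the report's "Drops file" signatures.
KNOWN_IOC_PATHS = {
    r"c:\windows\brxbvxv.exe",
    r"c:\program files (x86)\istsvc\istsvc.exe",
    r"c:\program files (x86)\istbar\istbar.dll",
    r"c:\program files (x86)\power scan\powerscan.exe",
    r"c:\program files (x86)\power scan\uninstall.exe",
}


def evaluate(event):
    """Return the list of rule names that fire on one event."""
    hits = []
    image = event.get("Image", "")
    if event.get("EventID") == 13:
        target = event.get("TargetObject", "")
        if RUN_KEY_RE.search(target) and TEMP_DIR_RE.search(image):
            hits.append("run_key_set_from_temp")
    elif event.get("EventID") == 11:
        fname = event.get("TargetFilename", "")
        if WINDOWS_ROOT_RE.match(fname) and not image.lower().startswith("c:\\windows\\"):
            hits.append("file_dropped_in_windows_root")
        if fname.lower() in KNOWN_IOC_PATHS:
            hits.append("known_ioc_path")
    return hits


def scan(jsonl_text):
    """Parse JSON lines and return (rule, event) pairs in input order."""
    findings = []
    for line in jsonl_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        for rule in evaluate(event):
            findings.append((rule, event))
    return findings


if __name__ == "__main__":
    for rule, event in scan(SAMPLE_EVENTS):
        print(f"{rule:30} {event.get('Image')} -> "
              f"{event.get('TargetObject') or event.get('TargetFilename')}")
```

The benign fourth and fifth events are there to show the generic rules staying quiet: a Run key written by an installed updater from Program Files is not flagged, and svchost.exe writing under C:\Windows\Temp does not count as a drop in the Windows root. The exact-path rule is the brittle one; the two generic rules are what would still fire when the next build renames brxbvxv.exe.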
Processes
-
C:\Users\Admin\AppData\Local\Temp\acb8e654fc73460f04ad20977b6932a8.exe
"C:\Users\Admin\AppData\Local\Temp\acb8e654fc73460f04ad20977b6932a8.exe"
- Checks BIOS information in registry
- Checks computer location settings
- Adds Run key to start application
- Drops file in Program Files directory
- Drops file in Windows directory
- Checks processor information in registry
- Modifies Internet Explorer settings
PID:2136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1340 --field-trial-handle=2264,i,13734085038406049477,12426093271221802693,262144 --variations-seed-version /prefetch:8
PID:2720
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
508B
MD5
3708e5ae739d6f58359b99519428152b
SHA1
7fbdcf06a3242bcb26cbb815c20696970142ffac
SHA256
07ac7eaac69acf45dbba0327c4d565691780ddc4f7fef334731b12e7733a50e7
SHA512
cc6d35d41c730c88a44179519805d61b742649ff8cbb7c8c2bc866b6936d1f19ca0f2f251e1b9f3b466ff6e7eb32c15e171fd1976fe3bd3728788a22734f3328
-
Filesize
516B
MD5
25b95b44e4ac29dbd4b0b7b64a3cfbd2
SHA1
71dbdce00689c516c76051c82c0291231cd5624f
SHA256
a35d3df67e37bfd7ad0f2f86864295f347ffc81f91cb8004b16c6f805c86016c
SHA512
34575e842c65bee118b26031af1ae6a5ed7870ac9b286b8e4024aa37f621f61c8e099cfbdd22bd5af4989144a34392b2a856e76e5efe92b407f20c17c2a176f7
-
Filesize
510B
MD5
d0e126b6e6d747777b9a26a2cfce7e47
SHA1
9d3371af9737bfa77b60697f89a91533253186ee
SHA256
5b2435cee38c0558e6c51d73fc8bfdb6fe7929102b0056fc091ab87854f8f079
SHA512
6ecd2437ba994a1e2c20aeb57ab71521260b6ce6254b78c370965a571c324bc5f692b202c3e841d41bfb530cfed6069302e4d53e7bf8906871a12e154df7cf7f
-
Filesize
41KB
MD5
6d9483473cc21fb8ae16b9986eeebb7a
SHA1
dacdf59c209e0beb25416ce5c3409468e681d25a
SHA256
31d4600520026289396892707d37d8583a169fd1867ed073e2b0ad9d71f15131
SHA512
c6d5f08288f3ceb46feaf28a6552ae220899ef6d719a81dc28e948efde64554e74b810926e64af0f783ae12cb931fedbb7ed03c8663fd17cc3e654f4fd423787
-
Filesize
315B
MD5
033f6ada1607519c1ec1cbad066966d2
SHA1
8c039379b2057b883d436a998da31213bc4f10fe
SHA256
959886fb14fb16ee8f8e39183d73c24ab07733c71c64a175f8c0a77ee2afa3e0
SHA512
eb98482d2a34f6bf47397de957db1285da29844b8f482f5f31d6df9f0b8c8e30f9728b9b06e4cd3ee59337f15b2082ff3c8af6d949faac57dffb8114597dd3dd