Overview

overview

7

Static

static

3

acba09501a...b5.exe

windows7-x64

7

acba09501a...b5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 20:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    acba09501ab50c767e734abec8fdbdb5.exe

  • Size

    48KB

  • MD5

    acba09501ab50c767e734abec8fdbdb5

  • SHA1

    25bc543bdc97b472ab1ff2fecf8d663301110eb1

  • SHA256

    88655f03fdc4b67511ceaaa4d7f52b3e3a0330d5a3182b111854a062866584c5

  • SHA512

    aa8493300b5eb9fab98e24cf806bc3e82eccb8c9954cfff73778f648cccd5186b2ef0f28df05fe89f76d09f1d8da6f1d61aa7b50d5ad211e849dbfee63a91dfa

  • SSDEEP

    768:i+flBWHUmgsRgsbnkdXZ390+CmJc/LjwbqonYFLnA4qozj+Xle:DBWH0sRnbkdXZ3zdc/gBnKnqle

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\acba09501ab50c767e734abec8fdbdb5.exe
    "C:\Users\Admin\AppData\Local\Temp\acba09501ab50c767e734abec8fdbdb5.exe"
    1⤵
    • Checks computer location settings
    PID:1944

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1944-0-0x00000000005B0000-0x00000000005BF000-memory.dmp

          Filesize

          60KB

          Download

        • memory/1944-1-0x0000000000400000-0x000000000040F000-memory.dmp

          Filesize

          60KB

          Download

        • memory/1944-2-0x0000000000400000-0x000000000040F000-memory.dmp

          Filesize

          60KB

          Download

        • memory/1944-43-0x0000000000400000-0x000000000040F000-memory.dmp

          Filesize

          60KB

          Download

        • memory/1944-46-0x00000000005B0000-0x00000000005BF000-memory.dmp

          Filesize

          60KB

          Download