13e440bb67e3eb8ac81d6c61de97da8b306fe66848c94f27ec3c1a4ec280a0b4

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
15-03-2024 23:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cc95f5abfbd38fdecd8456cb03b8bbf2.exe
Size

456KB
MD5

cc95f5abfbd38fdecd8456cb03b8bbf2
SHA1

c6b0268f1ca0e1ca0fa20652de07530979625f53
SHA256

13e440bb67e3eb8ac81d6c61de97da8b306fe66848c94f27ec3c1a4ec280a0b4
SHA512

f51201499925e568e7d9e624f35b0c0ac6d3f3a6d1f0d7b8ea4785e60b07bbf3735530caa4605aa166536ae478046242371737077fc2d9bdb7ac229778be773b
SSDEEP

6144:1lcdReoMqvYHU4DHN38C499Qydb2a/BNdHD+vU4EMz1rUlIzrs04e4qbfvqJ50Nm:1EVMFZI9R7pNdHhnrHeo+tOuo

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cc95f5abfbd38fdecd8456cb03b8bbf2.lnk	cc95f5abfbd38fdecd8456cb03b8bbf2.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\cc95f5abfbd38fdecd8456cb03b8bbf2.exe
"C:\Users\Admin\AppData\Local\Temp\cc95f5abfbd38fdecd8456cb03b8bbf2.exe"
1⤵
- Drops startup file
PID:3564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3564-0-0x0000000000C10000-0x0000000000C11000-memory.dmp

Filesize
4KB

Download
memory/3564-1-0x0000000000C20000-0x0000000000C22000-memory.dmp

Filesize
8KB

Download
memory/3564-2-0x0000000000C30000-0x0000000000C31000-memory.dmp

Filesize
4KB

Download
memory/3564-3-0x0000000000DD0000-0x0000000000DD1000-memory.dmp

Filesize
4KB

Download
memory/3564-4-0x0000000000E00000-0x0000000000E01000-memory.dmp

Filesize
4KB

Download
memory/3564-6-0x0000000003350000-0x000000000337C000-memory.dmp

Filesize
176KB

Download
memory/3564-5-0x0000000000E10000-0x0000000000E11000-memory.dmp

Filesize
4KB

Download
memory/3564-7-0x0000000002E80000-0x0000000002E81000-memory.dmp

Filesize
4KB

Download
memory/3564-9-0x0000000002E90000-0x0000000002E91000-memory.dmp

Filesize
4KB

Download
memory/3564-12-0x00000000032D0000-0x00000000032D1000-memory.dmp

Filesize
4KB

Download
memory/3564-13-0x00000000032E0000-0x00000000032E1000-memory.dmp

Filesize
4KB

Download
memory/3564-14-0x00000000032F0000-0x00000000032F1000-memory.dmp

Filesize
4KB

Download
memory/3564-15-0x0000000003300000-0x0000000003301000-memory.dmp

Filesize
4KB

Download
memory/3564-16-0x0000000003310000-0x0000000003311000-memory.dmp

Filesize
4KB

Download
memory/3564-17-0x0000000003320000-0x0000000003321000-memory.dmp

Filesize
4KB

Download
memory/3564-18-0x0000000003330000-0x0000000003331000-memory.dmp

Filesize
4KB

Download
memory/3564-19-0x0000000003380000-0x0000000003381000-memory.dmp

Filesize
4KB

Download
memory/3564-20-0x00000000032C0000-0x00000000032C2000-memory.dmp

Filesize
8KB

Download
memory/3564-21-0x0000000003390000-0x0000000003391000-memory.dmp

Filesize
4KB

Download
memory/3564-25-0x00000000033C0000-0x00000000033C1000-memory.dmp

Filesize
4KB

Download
memory/3564-26-0x00000000033D0000-0x00000000033D1000-memory.dmp

Filesize
4KB

Download
memory/3564-27-0x00000000033B0000-0x00000000033B1000-memory.dmp

Filesize
4KB

Download
memory/3564-28-0x00000000033E0000-0x00000000033E1000-memory.dmp

Filesize
4KB

Download
memory/3564-29-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/3564-30-0x0000000003400000-0x0000000003401000-memory.dmp

Filesize
4KB

Download
memory/3564-31-0x0000000003410000-0x0000000003411000-memory.dmp

Filesize
4KB

Download
memory/3564-32-0x0000000003340000-0x0000000003341000-memory.dmp

Filesize
4KB

Download
memory/3564-33-0x00000000033A0000-0x00000000033A1000-memory.dmp

Filesize
4KB

Download
memory/3564-34-0x0000000003770000-0x0000000003771000-memory.dmp

Filesize
4KB

Download
memory/3564-44-0x0000000003170000-0x0000000003171000-memory.dmp

Filesize
4KB

Download