Overview

overview

6

Static

static

1

d6eb7ccd86...44.exe

windows7-x64

6

d6eb7ccd86...44.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 19:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d6eb7ccd86803ae24a341aaaf5802f44.exe

  • Size

    225KB

  • MD5

    d6eb7ccd86803ae24a341aaaf5802f44

  • SHA1

    332953fafac16a73e621291910af25175d200e26

  • SHA256

    109794f84046577d36706f0216d8861f9717db0ac4af5d89b0764255ee4632f0

  • SHA512

    3936696f47fe146818e8090b8f969045ed62e9e4fe8b73ad836df0a594d2b2ec1c5d6d7915ac0f1db077da9327f1771e3c953391fb502ee636da658e4cc7413d

  • SSDEEP

    3072:jfDH1eqz1bZ11/OSYQezSMbq7j3LkeHrFnvQKKnvxOY7c/3rVQs+Px/:jZZdb1a1+33AqFIKKZOSc/b2s+Px

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d6eb7ccd86803ae24a341aaaf5802f44.exe
    "C:\Users\Admin\AppData\Local\Temp\d6eb7ccd86803ae24a341aaaf5802f44.exe"
    1⤵
    • Drops file in Windows directory
    PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2372-0-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2372-5-0x0000000000150000-0x0000000000151000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2372-4-0x0000000000090000-0x0000000000091000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2372-3-0x0000000000080000-0x0000000000081000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2372-2-0x0000000000160000-0x0000000000180000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2372-6-0x00000000001A0000-0x00000000001CF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2372-10-0x0000000000160000-0x0000000000180000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2372-1-0x0000000000030000-0x0000000000031000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2372-18-0x0000000000160000-0x0000000000180000-memory.dmp

    Filesize

    128KB

    Download