Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/03/2024, 17:32

General

  • Target

    de90ffa8a1f9f4f1500c41bbb6e2deb2.exe

  • Size

    27KB

  • MD5

    de90ffa8a1f9f4f1500c41bbb6e2deb2

  • SHA1

    b2b426cd79efc86fdb0fb320d6a9f7cda18bb4a1

  • SHA256

    4ecc1ea7042430d57f5c66e0aca2158b18d4adf4f42946079b14524323ba061a

  • SHA512

    5620c253b801c95ed49f768a4a11a201cc1cd2404da1c157b1a1daa13c5fa9b57330bf4bf3860614350aada7500305aa2ddee1f71df2c4fd334eb84790b0a94a

  • SSDEEP

    768:Km2d1lZmpy90841HsAfatzdWbKxndeV00:Km2dPZ8y908EHJfatRA4

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory (1 IoC)
  • Modifies system certificate store (2 TTPs, 2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\de90ffa8a1f9f4f1500c41bbb6e2deb2.exe
    "C:\Users\Admin\AppData\Local\Temp\de90ffa8a1f9f4f1500c41bbb6e2deb2.exe"
    • Drops file in System32 directory
    • Modifies system certificate store
    PID:1536

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\imgst.scr

    Filesize

    150KB

    MD5

    0adb0a79f09ed4c7338d1308f1aeb2ad

    SHA1

    f940c33fff1bfbb1d11cd20ddb31849ecb949c0d

    SHA256

    61527ab693cf89cf4f0e8ceae331f02a4501a6b3f211cc188c79b7b7ee3e8d64

    SHA512

    8b64499338b0e70a13b6473348b31c4d79db6c8fcf7e4fce49e982f307bf484f2af20fd40ec1197a7297ba6fdd17c7ee652e10302ed111d8cb77255bd8328cbf

  • memory/1536-19-0x0000000000400000-0x0000000000413000-memory.dmp

    Filesize

    76KB