Overview

overview

3

Static

static

1

509f5caf90...1f.exe

windows10-2004-x64

3

Resubmissions

05-04-2024 17:31

240405-v3t6daae55 3

05-02-2022 15:56

220205-tdrtaachg9 10

Analysis

  • max time kernel
    24s
  • max time network
    21s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-04-2024 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    509f5caf90d71205d4e67c01307ac35bffe286e08a3e544f05a38eb72f149a1f.exe

  • Size

    1.8MB

  • MD5

    c94e3ed01ca75095a5814b6c35c81aa1

  • SHA1

    4edbdd78de27aa597af21ce26aca724cc32493df

  • SHA256

    509f5caf90d71205d4e67c01307ac35bffe286e08a3e544f05a38eb72f149a1f

  • SHA512

    8c62045ae1781ecc03f938627e0b1ae2c0acbd5873825b3734a37306624d18d1e4cac9b14c266f6f3020b8c3267e00c935db083811cd1286555dbca60dec0ac4

  • SSDEEP

    12288:K+Tb28/rvBkKVDGI9jFWHDq8FjNbrXu+tUH6yMKJiMsBrFLvD6qb66LhoZ11Ew0c:K+P2mFVn7WHzFdLlqIh1p5LU1gc

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 38 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\509f5caf90d71205d4e67c01307ac35bffe286e08a3e544f05a38eb72f149a1f.exe
    "C:\Users\Admin\AppData\Local\Temp\509f5caf90d71205d4e67c01307ac35bffe286e08a3e544f05a38eb72f149a1f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2344
  • C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}
    1⤵
      PID:1108

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2344-0-0x0000000002330000-0x0000000002331000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2344-1-0x0000000003E70000-0x0000000003EEB000-memory.dmp

      Filesize

      492KB

      Download

    • memory/2344-2-0x00000000778C2000-0x00000000778C3000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2344-3-0x0000000000400000-0x00000000005DD000-memory.dmp

      Filesize

      1.9MB

      Download

    • memory/2344-4-0x0000000002330000-0x0000000002331000-memory.dmp

      Filesize

      4KB

      Download