Analysis
-
max time kernel
119s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
11/04/2024, 03:02
General
-
Target
d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb.exe
-
Size
151KB
-
MD5
82fa99987d4a4e4c6add3bfecddd43d9
-
SHA1
01a86a7262e5430b2b6ec0e88fe2e4e29497c148
-
SHA256
d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb
-
SHA512
24d60f2c7fa8be61d28b95c941435209278304cc9f37835bd3e9ae41b1baf93271ee3b6352a4923d2acdf1e396133071d1092e9ffda5c75b327370038637532b
-
SSDEEP
1536:oOoq1XuNCQy7vm9iV+sW6VQcFa/SNmBtBneGr4qjOOiE5gVehKOjNrG58Z3qOT/w:SK66hW6k6uBneGEq6OiE5uehKyazo/w
Malware Config
Signatures
-
Detects executables packed with ASPack 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Enumerates connected drives 3 TTPs 2 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb.exe"C:\Users\Admin\AppData\Local\Temp\d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb.exe"1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
-
C:\Users\Admin\AppData\Local\Temp\ d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb.exe"C:\Users\Admin\AppData\Local\Temp\ d09039c17434d523b01e13468ed9446dc26c9a8061875a654de8747605df20eb.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
81KB
MD5321b68d735ace871f0925934911044c1
SHA1e8a5e39dddd1d595bdd43639c0ed1e6ffb537563
SHA256f2fdb7bf291962f08f575b94a3701217fe35b74bfa389f4ef241246ffe2a61f9
SHA512a7ce9f0d08076648c679871d04df52e2b91a93316922c586735ec8ace25d077cb798e465c79532f332f028b3c77e16eb8d7f3269bc9a374ffdbc97840fe0547b
-
Filesize
188KB