Resubmissions
17/04/2024, 12:22
240417-pkdssagb4w 6 17/04/2024, 12:22
240417-pkc69aef22 7 17/04/2024, 12:22
240417-pka2wsgb3z 6 17/04/2024, 12:22
240417-pkafcsgb3y 7 17/04/2024, 12:22
240417-pj95lagb3v 6 17/04/2024, 06:11
240417-gx3zfahc5x 6
Analysis
-
max time kernel
1783s -
max time network
1799s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system -
submitted
17/04/2024, 12:22
Static task
static1
Behavioral task
behavioral1
Sample
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
Resource
win7-20240221-en
Behavioral task
behavioral3
Sample
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
Resource
win11-20240412-en
General
-
Target
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe
-
Size
116KB
-
MD5
3c36584665cada5cacb4ebd46aaf49db
-
SHA1
75d1edf82379ab351c5d3d009c8be39af06a286e
-
SHA256
20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e
-
SHA512
742e324fc71a281620cccbc6635f20d1956a2bd52f5545c1c21c903db8f17d4fb03bd0f20189677258073c0cde8fffdd703276071ca2a3a3f9cea62fd749983a
-
SSDEEP
1536:bqc+gjdZzGB9bQNMeHq5ixZGLgyBmK8zccAy5mE1biojuIaWPhIgzVkQGDax2D:ecPdZ+JsaVBzQh/9hxQ
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
description: Set value (str)
ioc: \REGISTRY\USER\S-1-5-21-4092317236-2027488869-1227795436-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cjuz6ylsfe = "C:\\Users\\Admin\\AppData\\Local\\Temp\\20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe"
Process: 20d91a72be558762313fafaaa907520188c823d8607e12874ecff683fd983a9e.exe -
Uses Tor communications 1 TTPs
Malware can proxy its traffic through Tor for more anonymity.
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3.1MB
MD5
e2728d81f8f2db323b2e30044914798c
SHA1
13a67263cf9eef15473082c23ea474081dc6a252
SHA256
00dbc7f11fda02512c34c348d4d8b33a512b773c793a1b4ef5bf6c1cc2aac781
SHA512
7810338d6eeed50c07f6094c36e7db61bbbcdd3b93a9b524f64e1d3e050fd6a0802432078e6e91719e548267c658ace8c3a7acaf81be7965752606bdb1a2cf0e