Overview

overview

6

Static

static

3

bd6a9a4a03...66.exe

windows7-x64

6

bd6a9a4a03...66.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-04-2024 02:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe

  • Size

    965KB

  • MD5

    0c554abf829b35d3846bd02f4af0a914

  • SHA1

    2b886ebb445411480b987486171238ac080afdea

  • SHA256

    bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66

  • SHA512

    fa60c61ad7679a796309296655d2ebc49051e4bf81b2057a71093ea53b818b9e81a3786e3c83347e3baf3bb08848ec69d4373785a8964ed18dd18f6d1cda51e4

  • SSDEEP

    12288:i2ToLD2QfWUEknSsmjj/UVF4TNSzURcXdaTjMVJK1P5aEL3/fxyhxoeVsc:ikuPfWsnnw/UV+NSzURcAMVcRaq2v1

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe
    "C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:6016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe
    Filesize

    965KB

    MD5

    a05cb7f72c6870644a86e7ec6fb46582

    SHA1

    e0046ef732fcb90c56f2b99361d4f78eaaf73ca1

    SHA256

    be3aedb178232d272c112fecdb954969ecf04c716c420f548d28a57135fffc98

    SHA512

    fadd74e24df3d6453cde597a59902b70d792ca07f4db289603228a61b71ce42d063f26384873dd0620719eee22e516c91c09e4b6f7e934add0205b901893169a

    Download Submit

  • memory/6016-13-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-14-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-3-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-9-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-10-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-11-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-4-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-2-0x00000000022E0000-0x00000000022E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/6016-12-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-15-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-16-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-17-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-18-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-19-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/6016-20-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download