2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
21-05-2024 14:22

Target

2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
Size

7.8MB
MD5

b7ff0a805a2b5a4e7a2eed7ab6b624bf
SHA1

2dde42c6bd2c60cf94ed150308d10f2250c0c857
SHA256

2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847
SHA512

a55f69ffcd6c059f7a0de1dd4464ad45992cffd36e0109afd5296fbd8915fec9b118f86b663ea80d889f3a82dc416a293f954ed33e1576f070d7ac748f0f659a
SSDEEP

196608:YT7WdqjCXiR3U6BoeYRxbqXpLo/SN+3qHH:S7WdqWXiCcLGspoiUQ

Score

1^/10

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

System Information Discovery

Processes:

2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe

C:\Users\Admin\AppData\Local\Temp\2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe
"C:\Users\Admin\AppData\Local\Temp\2c61c0a17c2eae24392e66d4be226d60c31116df59e98c1998e35572e3fab847.exe"
1⤵
- Enumerates system info in registry
PID:2556

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/2556-2-0x000000000058F000-0x0000000000802000-memory.dmp

Filesize
2.4MB

Download
memory/2556-1-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/2556-3-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/2556-4-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download