d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 14:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
Size

7.0MB
MD5

4ded72b2504c9f885f1e6b3d2b5d5112
SHA1

3e69716befbec070312eab2f6826b95081b869b2
SHA256

d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a
SHA512

037e95fe3f7cdffa1b0ee24d6a72c464835002d04dc089c51da108412a2de5c3dcc8d32fcfa386b3f8e84fbdcc0eeaebb1039324b8e6514fa46af262a168d8e3
SSDEEP

98304:HyQbiKWq0XbpDojFYTKqZlTYe2+7P6U9Ii1v11jhLSVYWYUQuGgDbLtB5fcV:HyQbiK09SjqZSXkPBeiLthLRvp2EV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe

C:\Users\Admin\AppData\Local\Temp\d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe
"C:\Users\Admin\AppData\Local\Temp\d75024f2f6341d7d800d7f03e050a359125486de1e4ca27c0d31e70e394c4d9a.exe"
1⤵
- Enumerates system info in registry
PID:1608

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1608-1-0x0000000000400000-0x000000000114E000-memory.dmp

Filesize
13.3MB

Download
memory/1608-3-0x0000000000400000-0x000000000114E000-memory.dmp

Filesize
13.3MB

Download
memory/1608-2-0x0000000000400000-0x000000000114E000-memory.dmp

Filesize
13.3MB

Download
memory/1608-4-0x0000000000400000-0x000000000114E000-memory.dmp

Filesize
13.3MB

Download