008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22/05/2024, 15:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe
Size

7.9MB
MD5

4c06d252d388a3947ef0aff64127370a
SHA1

04d3be5cbd4a00c0d724364bafdd727abd174791
SHA256

008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c
SHA512

00de28dd0f35eff38a55f9401eb409982804829476ffbe0ac5c48b10b6650da1fecd31f2449dd98d3ccc26a613a4a47721d4abba3d4f1b0901342426c395b4a0
SSDEEP

196608:YT7WdqjCXiR3U6BoeYRxbqXpLo/SN+3qWlry:S7WdqWXiCcLGspoiUJty

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 4 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe

C:\Users\Admin\AppData\Local\Temp\008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe
"C:\Users\Admin\AppData\Local\Temp\008382e1d116163e733a0c68725f6f4c871dcdc19f3168c0bb916b074fa0a92c.exe"
1⤵
- Enumerates system info in registry
PID:2352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2352-0-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/2352-2-0x000000000058F000-0x0000000000802000-memory.dmp

Filesize
2.4MB

Download
memory/2352-3-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/2352-4-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/2352-5-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download