228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
23/05/2024, 18:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
Size

7.8MB
MD5

80f05f74db9c2c0217d12f6dbb91eea1
SHA1

4a61af9c2d0304936b5ca33060c32abb19c6a024
SHA256

228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b
SHA512

54f82457cc35206ecf4f07fd12a9f88c3df2ddb41a0a1b4fd025c5f50abf3a55cbd1f0ed6878bb61619f844984e1e5486b2261f32fe437889bf721df63923762
SSDEEP

196608:CfalLJ2A+BkjJ3gthLRvvFMXx9NZ7ijkN9fwkb:CfalL80ypvFMh9fiqfV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe

C:\Users\Admin\AppData\Local\Temp\228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe
"C:\Users\Admin\AppData\Local\Temp\228975c0737c65dda753d4513ae2d5791e55d9d0b4941c676f547e1821efc75b.exe"
1⤵
- Enumerates system info in registry
PID:4396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4396-2-0x000000000058F000-0x0000000000803000-memory.dmp

Filesize
2.5MB

Download
memory/4396-0-0x0000000000400000-0x0000000001155000-memory.dmp

Filesize
13.3MB

Download
memory/4396-3-0x0000000000400000-0x0000000001155000-memory.dmp

Filesize
13.3MB

Download
memory/4396-4-0x0000000000400000-0x0000000001155000-memory.dmp

Filesize
13.3MB

Download
memory/4396-5-0x0000000000400000-0x0000000001155000-memory.dmp

Filesize
13.3MB

Download