Overview

overview

7

Static

static

3

85d5f23333...bd.exe

windows7-x64

7

85d5f23333...bd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    24/05/2024, 09:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85d5f23333d384fce8b6720edc38bc29edb8aa6449f235fe6e048805f959e3bd.exe

  • Size

    4.3MB

  • MD5

    5d0c55381fbf6faec7bc87dca6441c30

  • SHA1

    2b8f5c7b03fbaaa8dd0522c75e0669b6cdef2c96

  • SHA256

    85d5f23333d384fce8b6720edc38bc29edb8aa6449f235fe6e048805f959e3bd

  • SHA512

    6844ab44e4226ecd0f13715d5b9f4264221e81d611c7f36e6790df7647d89357f3863611820c092f4843bc065f2f4f5e9695c0d6da706c83232eb7e40ce090d5

  • SSDEEP

    98304:kf4EIDDHK9nhCbJzEaokXvLZw8jzcO/7KNQS8r7NL5j5tDo3STwK7zUFBVEWe4n:Q4HKDQBKkXy+XWt815j5tDobSUFQdQ

Score
7/10

Malware Config

Signatures

  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\85d5f23333d384fce8b6720edc38bc29edb8aa6449f235fe6e048805f959e3bd.exe
    "C:\Users\Admin\AppData\Local\Temp\85d5f23333d384fce8b6720edc38bc29edb8aa6449f235fe6e048805f959e3bd.exe"
    1⤵
    • Checks BIOS information in registry
    • Enumerates connected drives
    • Checks processor information in registry
    • Enumerates system info in registry
    PID:2408

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2408-1-0x0000000000220000-0x0000000000223000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2408-0-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-3-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-4-0x0000000000401000-0x000000000053D000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2408-2-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-5-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-6-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-7-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2408-8-0x0000000000401000-0x000000000053D000-memory.dmp

    Filesize

    1.2MB

    Download