Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
25-05-2024 01:05
Behavioral task
behavioral1
Sample
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
Resource
win10v2004-20240508-en
General
-
Target
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
-
Size
6.3MB
-
MD5
6c7b1c7f2a466936f3c06f608358311a
-
SHA1
14723c060f07a69d9bb5a6d04debccd55b32781d
-
SHA256
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f
-
SHA512
6d31d272eed382edec75873f116d5e49ea02672affaa0bc7e8c8733e1244e245e66ee016eafb25d3c9322f153e02c3538c798c6e74d860464c68acab6d06937b
-
SSDEEP
98304:Wy2Ra3s45KZATR1DPBLPjmFk1wTdrobphQ7O9CKkq7xb4T0HmphWdo80jT:WM5igRjLik1OibpCyCZT0mpMeT
Malware Config
Signatures
-
Checks system information in the registry 2 TTPs 2 IoCs
System information is often read in order to detect sandboxing environments.
Processes:
c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
description | ioc | process
Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | c41745d8a3ead8489fba5d9ddbadbcc868194da360463eae2d63a0a09c07c19f.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\ProgramData\netskope\stagent\Logs\nsdebuglog.log
Filesize
4KB
MD5
27ab7bdf61a8dce300695dd5c17d17cd
SHA1
14f0e54c54cc0db2352912c82f5fb730ceb0b35d
SHA256
fbc8b761a6400e5ec758e35924ee3c482db91dd7a4e92b5b43b9ffce6554a76f
SHA512
c18a608a597049b9e4b33d6704f55079ea757053829f6fb4e3fd8f77e6c8039983c23ebd28e8e62470fba45c720705b5b53cbb28406b4f2b1550c7110522e6ee