1780b68274d45be9335cc78560690fc1e9e07593cc31d1c1bab5ed85db01266f

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
27/05/2024, 14:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1780b68274d45be9335cc78560690fc1e9e07593cc31d1c1bab5ed85db01266f.dll
Size

8.6MB
MD5

27e7459b7906a979c0fa5bb4335c6266
SHA1

b5ac940bafd09b4097b572ef32199046cc179db4
SHA256

1780b68274d45be9335cc78560690fc1e9e07593cc31d1c1bab5ed85db01266f
SHA512

25ed0bfb17ccc37978270f28830d82d316a64d7fd16c435b7117a833b779be5cf8a8fb715e2d91a71ea7000201816191c1348769bfabb09338f603d1d7fa7089
SSDEEP

196608:kLjP1SFtnlfpDs5QG9lDyuzFUZQCVxy5vDR6R9io/BdmTN:UhGf5seG9lmuzFUZlVU5LUXiI2x

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	rundll32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier	rundll32.exe

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	rundll32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1780b68274d45be9335cc78560690fc1e9e07593cc31d1c1bab5ed85db01266f.dll,#1
1⤵
- Checks processor information in registry
- Enumerates system info in registry
PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\SafeNet Sentinel\Sentinel LDK\5a31a115-423d-3262-3ddf-499b072babc6\.434e4631\.gfh6chl6

Filesize
96B

MD5
69172236ef88c2e2d26dee678da4c380

SHA1
2b2c9898949398990a440607fbdaad6b37c12c25

SHA256
b17881c4f4cbe6bcd65b220f1cfddcf28d1a9acc4e8309fe26101f10ff7ed655

SHA512
b90380873ba9fce467818acb64851943ee4b70d723ec5cf5f26af543b8f578ee2ceecd04aa2d67bd5aaa1aeecd3defe304c392e138ca973dbdd03c5f28b0dc6c

Download Submit
memory/4612-0-0x00007FFAD2E30000-0x00007FFAD3CA7000-memory.dmp

Filesize
14.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads