de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1

Analysis

max time kernel
93s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
28/05/2024, 21:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
Size

7.8MB
MD5

a69dfd791ff52564772fa3f6b4936201
SHA1

eebaa3712b88386bb512d636d1edbea62ccda793
SHA256

de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1
SHA512

9135c3a369884a362457947646f30793d713f71da2d5b9665b798b020840b6b44c5208a6356ee6278ae24b4f2b93f6386d3e0638c2836b295f0ff3862c062ef3
SSDEEP

196608:0hlD1TUKJTqH9FKJ6zthLRvV1r03pK7ijkN9fwk6:GlNTfeprgpwiqfY

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe

C:\Users\Admin\AppData\Local\Temp\de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe
"C:\Users\Admin\AppData\Local\Temp\de51687eb95a017e8f59ad1b3f4db71ed8674040f58380e7c47f13b1afb192b1.exe"
1⤵
- Enumerates system info in registry
PID:4996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4996-2-0x000000000058F000-0x00000000007FE000-memory.dmp

Filesize
2.4MB

Download
memory/4996-0-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/4996-3-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/4996-4-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/4996-5-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download