474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29-05-2024 00:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe
Size

7.8MB
MD5

cce3581b746e6334212a7ff3aae35fef
SHA1

c21e19e53e1f030477ae5d672f5df26293405f66
SHA256

474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e
SHA512

746f934e6a3d10bd3dfad3bf6f4013e821998b4d5adecb373705f30decd25c1f4d4aca67a54077d2c477e314d4b5c51ae0c25b137bf8777aa3248b80f0b03e7d
SSDEEP

196608:bSV+xHBthLRvnQ4YfVTbFh3oP5QADX7ijkN9fwkV:WMxhpnrY1Fh32+AXiqfr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 4 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe

C:\Users\Admin\AppData\Local\Temp\474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe
"C:\Users\Admin\AppData\Local\Temp\474408fd5740a931a6ae1f453702db10e98a160483888b1fb7d0a4158ca8b56e.exe"
1⤵
- Enumerates system info in registry
PID:2848

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2848-1-0x0000000000400000-0x000000000114D000-memory.dmp

Filesize
13.3MB

Download
memory/2848-2-0x000000000058F000-0x00000000007FF000-memory.dmp

Filesize
2.4MB

Download
memory/2848-3-0x0000000000400000-0x000000000114D000-memory.dmp

Filesize
13.3MB

Download
memory/2848-4-0x0000000000400000-0x000000000114D000-memory.dmp

Filesize
13.3MB

Download
memory/2848-5-0x0000000000400000-0x000000000114D000-memory.dmp

Filesize
13.3MB

Download