Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 02/06/2024, 22:30
Static task: static1
Behavioral task: behavioral1
Sample: 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
Resource: win10v2004-20240508-en
General
Target: 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
Size: 3.6MB
MD5: da5d22d8656c3ddb54845980bfd9d3b5
SHA1: d3c39d8aed92fbaabc8ead01dc6c2dda74cfa3f0
SHA256: 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d
SHA512: 94225db57fa90a3a1cdbc277f0b43d81293f5da4f8ac91247b9aca68a9b7a8e66e481a9ede6445da5f5676857eaf2c8484796ef20d0fc21c1f331937632c74db
SSDEEP: 98304:9wYeJu3Qq82CcvwIRDsWpHbhBhlwPUsXR265Jr+zFBOaEGTe:9wYeivsWDBsPUsXRuFtH
Malware Config
Signatures
Enumerates connected drives 3 TTPs 2 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description | ioc | Process
File opened (read-only) | \??\h: | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
File opened (read-only) | \??\e: | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Suspicious use of SetWindowsHookEx 4 IoCs
pid | Process
2204 | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
2204 | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
2204 | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe
2204 | 25635021ac7a6a00c235cadddf865657617a9dbfdef0adcf1acfd6741285743d.exe