Analysis

  • max time kernel
    92s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/06/2024, 02:30

General

  • Target

    a28b9f263632cf20fa0c4efb58d08706.exe

  • Size

    191KB

  • MD5

    a28b9f263632cf20fa0c4efb58d08706

  • SHA1

    ce3229fd7e2bfee62fcca1f19232e95c6540078e

  • SHA256

    895ef0ba31363d64ad7b66920ed66b4af636e0cdde04fe1d87ac1500180e16df

  • SHA512

    bb76ded21271540cb70a7aa69989a456a84196e902ce66a75a20199a8bf1fc5884ca6a64f73f77dd22e0568367933f669fb867d62ebf0f15d779b5f17f9d1cb4

  • SSDEEP

    3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0d4:HAVySV1eY4k437d+4wkTHdS2A

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a28b9f263632cf20fa0c4efb58d08706.exe
    "C:\Users\Admin\AppData\Local\Temp\a28b9f263632cf20fa0c4efb58d08706.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of SetWindowsHookEx
    PID:1012

Network

MITRE ATT&CK Enterprise v15

Downloads