62785bfab54aff8b4099c82fb0e47513803f90b424fe7aa60c4c3130e43094cd | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
15-06-2024 06:05

Sharing

Report Analysis Logs

General

Target

$TEMP/ProtectorUpdater.exe
Size

362KB
MD5

a5cd4828b244d8a019cad5b39834073d
SHA1

dbd08733f1b22ffeb66ea1b0f4f4313b2d9ba36b
SHA256

4465dc9a641bcee44fa490f33ba9859b834e2d1677a1563843fc717fb123a56a
SHA512

98dcfb6a9f68830e694e5bb2abd3145a885d4313a7615f6078ce12388a7e76fa59ecd5a458153e48e1b8088991ac729800938578276594bea7a7e7a087b3eaa1
SSDEEP

6144:N50gUCRNY6k3lqK3RTGzh2hQ8E9QcwtzH+gTBxnlimMb8GVNVOaj7g0EgVZ22U:P0gFNY973RT7E9YzewxnlelOq8s2/

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\$TEMP\ProtectorUpdater.exe
"C:\Users\Admin\AppData\Local\Temp\$TEMP\ProtectorUpdater.exe"
1⤵
PID:2396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads