0b75b6972851c213cecf9eda96079c411960820f4d5a9c91d84cdcba459ae995 | Triage

Submit
Reports

Overview

overview

6

Static

static

3

KasperskyU...ci.exe

windows7-x64

6

KasperskyU...ci.exe

windows10-2004-x64

6

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
20-06-2024 15:05

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

KasperskyUniversal602675hhbd_kaci.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

KasperskyUniversal602675hhbd_kaci.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

安装说明.url

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

安装说明.url

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

KasperskyUniversal602675hhbd_kaci.exe
Size

451KB
MD5

2099afdf94cdaee941a2b932738649a1
SHA1

a6d06a59cc1d40daf638038991e48dd542db2145
SHA256

441ae0e7f4500be0188178993ab9c17a3f5281f3c51dbc82b5f744a421536fc0
SHA512

12ce33c422bdc6f658abfa646e34b19d8d86b5a12afb0c3600c1fd39a90f9b5de496a69c37de2e870d8a72ab924ed98393a75500496134dec5412feb346ea462
SSDEEP

6144:uVRPu+C/GIMMh5gbwT0LnyTl0/KKn5TyRzFb45xpyyxFlzGghf3kuWtnzIzwntHK:4RPsh5D0LyTl+hlOIlzlh/kuWizqt3O

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Processes

C:\Users\Admin\AppData\Local\Temp\KasperskyUniversal602675hhbd_kaci.exe
"C:\Users\Admin\AppData\Local\Temp\KasperskyUniversal602675hhbd_kaci.exe"
1⤵
PID:4176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\aaiw240597799.bmp

Filesize
12KB

MD5
976873874d74764c20c974110e06a9bb

SHA1
31dc3d1af90fcef744689d4bf603642a5f73aee8

SHA256
001407dcaeb082f52ec7e927ce923e616cc97646e459592b80e924d41aa7e35d

SHA512
be4b03e16b717d365808481b60ef2ab0624b43db588f2b757afd6c0081e9f41f180f3ae3e974a452a09747202c981097437348447f8359389c54319606540c02

Download Submit

© 2018-2024

Terms | Privacy