Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
24/06/2024, 14:52
General
-
Target
a07f559ea5393a0a5648696f98237eae40c200cb2b81cd91351fd3a6b51080aa.exe
-
Size
1009KB
-
MD5
69809adb0b51f8242d4d06a05f402fee
-
SHA1
e8a205b1c2495642f8d5274d786f671cb705c234
-
SHA256
a07f559ea5393a0a5648696f98237eae40c200cb2b81cd91351fd3a6b51080aa
-
SHA512
bff55a35306c25cd87b29e1a59e6a2aaeae0b3e30d205a4c83ab08b9076af80467c858de6c164569c355ae5f0ce669fd06d4a46218de74d3d6e670dc05da9190
-
SSDEEP
12288:fjNVA5CBW7pwQq1B6OgVr/FkveCBk9MIGqz8GuapXYhUv6OmWIitgTDbLdSPx:BVa9pnnr/65k6aoGlVBWDbLyx
Malware Config
Signatures
-
Drops desktop.ini file(s) 1 IoCs
-
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies registry class 10 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SendNotifyMessage 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a07f559ea5393a0a5648696f98237eae40c200cb2b81cd91351fd3a6b51080aa.exe"C:\Users\Admin\AppData\Local\Temp\a07f559ea5393a0a5648696f98237eae40c200cb2b81cd91351fd3a6b51080aa.exe"1⤵
- Drops desktop.ini file(s)
- Enumerates connected drives
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD5403105643fee3bc1a8d0b2f286e4a0ca
SHA154ea42531a383f242c537fe35f09e5503f197a24
SHA256b0c49e23adb522f9dc6e335e08c4ac590fecf5630cc25a58088ab71a3a12593b
SHA5127873793f4d8567dfedbd73a9d944cbc464a56d5bcaca07111aa08257b8b57b87623e9fd762d15cda2502940d00cca837d64e312acdad8394c46aa19d7bdbef40
-
Filesize
4KB
-
Filesize
1.0MB
-
Filesize
4KB