c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 22:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
Size

7.2MB
MD5

6ba1ae5620eedbdf69e277728c340800
SHA1

90f81c5d37258445ec46f979f4a7a74663ed2cf0
SHA256

c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f
SHA512

04836c50bbf2fc1fadb507a74d671facb198cf68e4acebb776ee3155910867e9a4ffbc7d262736eb23673bb675d2ce3d545f6f2c26d1372b1f5f10168842bb73
SSDEEP

98304:dSjRH8avpYgt1uSV5je//tMGoThMH9FKJqoAVn11jhLSVYWYU0HmaDr0SQztjX6V:0hlD1TUKJTqH9FKJ6zthLRvV1r03pKxd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe

C:\Users\Admin\AppData\Local\Temp\c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe
"C:\Users\Admin\AppData\Local\Temp\c3fdc47a579cb6ea0945c5daa008b6037c18e1ee7acb93c264f056fa41f4da5f.exe"
1⤵
- Enumerates system info in registry
PID:2364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2364-0-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/2364-3-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/2364-2-0x000000000058F000-0x00000000007FE000-memory.dmp

Filesize
2.4MB

Download
memory/2364-4-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download
memory/2364-5-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download