9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 07:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
Size

7.9MB
MD5

cc66d8633224e4bea93fe39ac65d8773
SHA1

b34c66c83d17f846f6a58c13ee5560108296daa2
SHA256

9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44
SHA512

87ce3407bfe09f9091e46f17ca24053c491ceddb63f74726b2adf70cf55987ea49d44f115c9c340b42ab69226dbb50b9e838acff82716aab6f49a7ac69c5ed71
SSDEEP

196608:YT7WdqjCXiR3U6BoeYRxbqXpLo/SN+3qW8Q5L:S7WdqWXiCcLGspoiUBRJ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe

C:\Users\Admin\AppData\Local\Temp\9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe
"C:\Users\Admin\AppData\Local\Temp\9946672321fbf94698be244a37a00d06d8cfe2e5e7dd35e3fcac73d1f5810a44.exe"
1⤵
- Enumerates system info in registry
PID:1772

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1772-0-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/1772-3-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/1772-2-0x000000000058F000-0x0000000000802000-memory.dmp

Filesize
2.4MB

Download
memory/1772-4-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download
memory/1772-5-0x0000000000400000-0x0000000001150000-memory.dmp

Filesize
13.3MB

Download