fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 10:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
Size

7.3MB
MD5

d494002f49ab8df0f7f153b2407acc68
SHA1

30ce3e90e0e60063a731e6010a049d6883ac4eb7
SHA256

fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975
SHA512

13e27fd4d6cc54669c60c234cec0b164aa2ab688cf90e342c7a2315ff0b62e4d6d2ec58a28bdcd1314a93a9e39a64feb829b743939330b4607c6be23c9d363e4
SSDEEP

98304:19l72dMf1r8iXSBx1AuvDQBccVzv2mw11jhLSVYWYUcr6irVlUBtB5S1+iLwM:1DKdMfKiXSxxvWVLSthLRvBmiOS1+5M

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe

C:\Users\Admin\AppData\Local\Temp\fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe
"C:\Users\Admin\AppData\Local\Temp\fb69ad8d0a2caa026d445718feaa414b22954dbfdce3a3f27f1fee271e775975.exe"
1⤵
- Enumerates system info in registry
PID:2000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2000-2-0x000000000058F000-0x0000000000800000-memory.dmp

Filesize
2.4MB

Download
memory/2000-0-0x0000000000400000-0x000000000114F000-memory.dmp

Filesize
13.3MB

Download
memory/2000-3-0x0000000000400000-0x000000000114F000-memory.dmp

Filesize
13.3MB

Download
memory/2000-4-0x0000000000400000-0x000000000114F000-memory.dmp

Filesize
13.3MB

Download