879a1f5ebda081f1ca1db7750a0c159136288d1185d54fe0b01ee5f62ea169f9

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
29/06/2024, 00:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DriversCloud_Win_zx87g9z2kr_.exe
Size

1.9MB
MD5

8da6433d405b55961e302babc9ffb1ff
SHA1

803be7d4b874681e869de3837658bd61e7f8efde
SHA256

879a1f5ebda081f1ca1db7750a0c159136288d1185d54fe0b01ee5f62ea169f9
SHA512

00daa1952d755b4dbd437bdae434ac6312e795da737b5a5091856e0f2ddbf7eb51cc60e02ffb3f61a003da16c38752d118ca423bf56cd076a7baebcb15c2f742
SSDEEP

49152:hdqn9ce9ET2Ja+4gM4tUBjbUqPEuH8jX6m7+D:hdeieiTi474tyjwIAX6m7w

Score

4^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2932	DriversCloud_Win_zx87g9z2kr_.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\DriversCloud_Win_zx87g9z2kr_.exe
"C:\Users\Admin\AppData\Local\Temp\DriversCloud_Win_zx87g9z2kr_.exe"
1⤵
- Loads dropped DLL
PID:2932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nss663E.tmp\nsDialogs.dll

Filesize
15KB

MD5
8cd70f1945da79795ff2efabecbad6c6

SHA1
47ce283d49703babd6c54465937ccef75c8a74cd

SHA256
9f95e57131a751dd802389271af6dd673ed68345024f09037835e3aacd46cd62

SHA512
6b620f86d24516dcc2da142ee79b630d7fccdebaddeee1adda58a5fadd7174d72a6bcb0777d63e3cf571ae4d1d94088cc007213b3f75755b8fd97a383dde7dc6

Download Submit