01b6ef4ba13841ee96c045595c24608ca13eef71b65c7c7cf87913f9dc0082f9 | Triage

Submit
Reports

Overview

overview

3

Static

static

3

2176.exe

windows7-x64

3

2176.exe

windows10-2004-x64

3

Analysis

max time kernel
141s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
04-07-2024 19:20

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2176.exe

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2176.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

2176.exe
Size

3.3MB
MD5

bc63580b13139ff14d2bd605b6fcb277
SHA1

a5557c8f28166160954e0b63936e4154b1b7ea11
SHA256

14774f88072a0f3cd222758e9e0b3dcca9fd66fefa278eafd04c76b25d004104
SHA512

4842526d7461ad984e032744289437bf9a27f7e0fba51527e2b55441bf3a4e0c2cc678f8aafdacb9bc29b5f77bae11f9fc2385c3848a818289c552e25bcdfae2
SSDEEP

49152:el+h+1qs0Y/BTmNuGjHnevJHZFGBN65t5OU04xCcaEvCvryMk:elK+19V0rjHnekKt5OECcHvCjZk

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\2176.exe
"C:\Users\Admin\AppData\Local\Temp\2176.exe"
1⤵
PID:1592

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4256,i,2113996974559895641,18156918660790954073,262144 --variations-seed-version --mojo-platform-channel-handle=3948 /prefetch:8
1⤵
PID:1548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1592-0-0x0000000000810000-0x0000000000811000-memory.dmp

Filesize
4KB

Download
memory/1592-1-0x0000000000400000-0x0000000000640000-memory.dmp

Filesize
2.2MB

Download
memory/1592-3-0x0000000000810000-0x0000000000811000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy