Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/07/2024, 17:01

General

  • Target

    0b6e964674b0e7b991b048ca08eadf80N.exe

  • Size

    1.1MB

  • MD5

    0b6e964674b0e7b991b048ca08eadf80

  • SHA1

    ab6627061d77b2e8d34256cc60f7d9325564b99b

  • SHA256

    ca13910f9855c50d0901de7d50db1faef9b3a10d229aca1387ea1ffadac54a9a

  • SHA512

    4b0bdc7b5a410881c586e4a9371c2ad3f35d463d464dd43899f21c8a5c2db79e642e9c73e4556d9ff315693b990a64fd43af2b51eb1ffd47d7e230c66abd2fc1

  • SSDEEP

    24576:dII2mRVMuLi/mDnICLJ4gxqBe57/ATDNoo3cK0Ef2gsOz7a:4mRV247qBe57/ATDNo2+Ef2gsOz7a

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b6e964674b0e7b991b048ca08eadf80N.exe
    "C:\Users\Admin\AppData\Local\Temp\0b6e964674b0e7b991b048ca08eadf80N.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1400

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Helper_2345\temp\download\0\Helper_2345.NewVersion.data

    Filesize

    29B

    MD5

    99fb8e84b8aa92889349054a60e1f359

    SHA1

    1b3dd1afb4fe4533ca16db4dd3e7845c13b0e1c5

    SHA256

    5313e624a817ebcb34675027d12b87465de4fc4fdddfdd74d244490c4911b8e4

    SHA512

    2a99095109445c3ca1b9fad5c87fdfed331641401ca8d19d3ab4d109e18b9dc5feb739485f14f390bd3bcfa3a4325e3b1278fe1bb8690dd8df16edb9af52faac