c647dfb73a652f3bd0e0ce4611ffbd3451f13d1708d4df045fb26f367db76d85

Analysis

max time kernel
15s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
21/07/2024, 04:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6bf92005883ed48e8e1b1f026d6423b0N.exe
Size

44KB
MD5

6bf92005883ed48e8e1b1f026d6423b0
SHA1

7b0a3c3fc4fe045c43968e38d4ee89e61109f0d5
SHA256

c647dfb73a652f3bd0e0ce4611ffbd3451f13d1708d4df045fb26f367db76d85
SHA512

61bf007a186017e69a9f3919f6f92266a7aa86ed7e5c11e385ffdc7b67c683941113e098b040c7a00a397d29cb2c8408148ff1054ece3795a800a914ee38fa4f
SSDEEP

768:EHJd0TpH2+bQ2dUWVX9Hfv1JMWmtLEJOyuBxG0D3mjfS3XJfUyniFRfa1i3o0NWk:EpgpHzb9dZVX9fHMvG0D3XJ9Bi3n9

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2220	6bf92005883ed48e8e1b1f026d6423b0N.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\6bf92005883ed48e8e1b1f026d6423b0N.exe
"C:\Users\Admin\AppData\Local\Temp\6bf92005883ed48e8e1b1f026d6423b0N.exe"
1⤵
- Loads dropped DLL
PID:2220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\nse1EA9.tmp\inetc.dll

Filesize
22KB

MD5
cab75d596adf6bac4ba6a8374dd71de9

SHA1
fb90d4f13331d0c9275fa815937a4ff22ead6fa3

SHA256
89e24e4124b607f3f98e4df508c4ddd2701d8f7fcf1dc6e2aba11d56c97c0c5a

SHA512
510786599289c8793526969cfe0a96e049436d40809c1c351642b2c67d5fb2394cb20887010727a5da35c52a20c5557ad940967053b1b59ad91ca1307208c391

Download Submit