2c79bad3b5eaaee69ef3cf26335faae93945cfa5efa2a1bd27b6b8f6f69fedce

Analysis

max time kernel
143s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 10:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HotelMIS_special.exe
Size

4.4MB
MD5

28c496e7858fe08d033471188758ae05
SHA1

f9e2b499793571e63eeeda42fec5f35c29ac4d8e
SHA256

6a6205ae89cf59a35824fe19cf0b43f040bcf17aa38cbea4667483eda5371f88
SHA512

fa04faa33dedadd87846e907ae31f9b80d1fefd843373a9d1dce74ff33a1e9fb32c58f918dabfc718e80e5917122eed639a11971bb32e82fc81fae7871920c64
SSDEEP

98304:Au7/6DqskEQHVuiI6u01OwmjeDc470I7iL4rSkzF7HBVroZSfvfmMluFIcQE/SiG:z/6mRNVuiubKDICSk9/tjlR3

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
1388	HotelMIS_special.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\HotelMIS_special.exe
"C:\Users\Admin\AppData\Local\Temp\HotelMIS_special.exe"
1⤵
- Loads dropped DLL
PID:1388

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsxE63B.tmp\InstallOptions.dll

Filesize
14KB

MD5
b18dfaded8f6d2380fdfd8f6b6969211

SHA1
969fa0e906240ab1123254feeb833c275626cf76

SHA256
747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

SHA512
25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsxE63B.tmp\ioSpecial.ini

Filesize
600B

MD5
5ce3858477e5795a9ce219916548775a

SHA1
c0a98d15de5df75e60c740943a9a7da2ad8b405a

SHA256
c7da40d875416d13d70ab191233014feecbd7d072183a9c1900c0750bd90a1e2

SHA512
a8b7c060b3dd259d5d97e42f3c40e6b5c635bcff769fac5298d82c2b88ed9439d6daffc02e8caa5a0a41449b233701f6de4ee1b680096fa05730712d42f51a24

Download Submit