Analysis
-
max time kernel
13s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
17/08/2024, 21:29
General
-
Target
1b47e98c184338181cf08ebe7c60d0c0N.exe
-
Size
503KB
-
MD5
1b47e98c184338181cf08ebe7c60d0c0
-
SHA1
d6077a2422ee118f019c42401914459056242067
-
SHA256
fd6f6ec73c7b0048a0d6e0bc2f0ed1d4b13299cc1f09db7c25c91a220a765358
-
SHA512
5291afce8406a63182a43d19d397f7dbc6820dc8242211dcdb9fcf261fff7d0319bf3218d95a72bf05522477e44d4547ccb18ae1527c95491af9759779338f2d
-
SSDEEP
6144:aVgHc0OtjzoiaYwAGkSrrHv7+b57xe18qF6lWvvfRK3BK+UG4M3rNi/aqvZ4KyaM:auELnwAS/7+bBx08660v6cO7caqBVb
Score
6/10
Malware Config
Signatures
-
Enumerates connected drives 3 TTPs 1 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1b47e98c184338181cf08ebe7c60d0c0N.exe"C:\Users\Admin\AppData\Local\Temp\1b47e98c184338181cf08ebe7c60d0c0N.exe"1⤵
- Enumerates connected drives
- Suspicious use of FindShellTrayWindow