9af6b34cb0d095aae607edd5114efab16f20a3baed8fa1e042e41699eeb3a11d

Analysis

max time kernel
130s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21/08/2024, 01:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe
Size

7.2MB
MD5

8f27c733486dc0f2325384d779041c24
SHA1

c380ee264a977aece44e7d0934e0154156170a2e
SHA256

9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e
SHA512

24b0d41a07d3f432d9da8d1ee6c6a999a8eb48e327e71a16354f53ff083bb8af61d593ab95d27f8a5b2c6534e00fa3fe124cbc4ea40250e289a9ae48400dff18
SSDEEP

98304:yjtYW8rlXVeFGxGD3u4k9sNzJm9+bBX3AtlGGoJXiir7BzN1BNN1BPak+:kYW8ZleFGwa4k9+zJm0GoJxaF

Score

8^/10

persistence

Malware Config

Signatures

Event Triggered Execution: Image File Execution Options Injection 1 TTPs 2 IoCs

persistence

Image File Execution Options Injection

T1546.012

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe	9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe\MaxLoaderThreads = "1"	9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe

C:\Users\Admin\AppData\Local\Temp\9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe
"C:\Users\Admin\AppData\Local\Temp\9a961df9be3826b2c77e46193454af385add6adb581d4848f7319b2da9a3e33e.exe"
1⤵
- Event Triggered Execution: Image File Execution Options Injection
PID:3060

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Image File Execution Options Injection

T1546.012

Privilege Escalation

Event Triggered Execution

T1546

Image File Execution Options Injection

T1546.012

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads