Analysis

  • max time kernel
    416s
  • max time network
    419s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/09/2024, 21:25

General

  • Target

    disbelief-installer.exe

  • Size

    48.1MB

  • MD5

    a95fadeef901adea7442cf8bcd70eea4

  • SHA1

    66077f0e21db5a5d454f7654ffb7690a8eadb52a

  • SHA256

    cea04b7b70e782a4affd7ab3c121a33fd0dc63c727d39cc04f89327a45a612e0

  • SHA512

    f180ca3b5440f7fc183cda0a9a4d429277c60ab64821fdb1f97c37c8248182416bd97c1fb63f0057dd5e892428bafa2c12608f7e65416351ef4568a4e53690de

  • SSDEEP

    786432:k5IIdCVQVgUqaE+dpsix3VNSIdqinOdwyEWX/teWe3AHqLgI/83F+jbmgF0bhUSh:kxUUqatdpzVA6bOjresHI/0FumK0x

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\disbelief-installer.exe
    "C:\Users\Admin\AppData\Local\Temp\disbelief-installer.exe"
    • System Location Discovery: System Language Discovery
    PID:684

Network

MITRE ATT&CK Enterprise v15
