Analysis
-
max time kernel
141s -
max time network
261s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
18/10/2024, 12:13
General
-
Target
a3f51f0184e0ff4f04bc939ca4a228e5ce43b34cf495c30e7e67e4dac4f497bd.exe
-
Size
3.6MB
-
MD5
3964609e52de2ff11ba1407a8269b64a
-
SHA1
2b54316d50eac94f0684213ba7b77dc526425145
-
SHA256
a3f51f0184e0ff4f04bc939ca4a228e5ce43b34cf495c30e7e67e4dac4f497bd
-
SHA512
50d0cb89cd1571439a63e5546df591e4ba847a6f89b70b7580c40728f5d62d44ced5485487cc9b1a2637b22d609318f203dbaa9555f8a8edb8e38aa214107ad3
-
SSDEEP
98304:ARS7vtq4RZ2KZC7UPsyLLcVkHmMvNOUhQ7BkyO:EYDWkGMvNtyO
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a3f51f0184e0ff4f04bc939ca4a228e5ce43b34cf495c30e7e67e4dac4f497bd.exe"C:\Users\Admin\AppData\Local\Temp\a3f51f0184e0ff4f04bc939ca4a228e5ce43b34cf495c30e7e67e4dac4f497bd.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.7MB