Analysis

  • max time kernel
    433s
  • max time network
    1162s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    20-11-2024 18:02

General

  • Target

    Store-ind-10002.exe

  • Size

    181.6MB

  • MD5

    aa6c0f982ef38147d29a062f655c79e8

  • SHA1

    3a7f6c67a3f292b17d047397cc6cae663758fb05

  • SHA256

    727a20a3caeb6ba869ea392ebd7b29496fbc08f019b56ed959e48b903e6e14c6

  • SHA512

    edf363155623e10697021b9d191d921d423026be1f537c47de879e97c76bb6b6644af41cdb87af0f6b3cfe0edb186ab056a0e20737220aed789ebb5dfcd8ddbb

  • SSDEEP

    3145728:NkuGirATd5XXMWrjwCMS3JXJVhfSEx/aJjdsw7KwM8JiWb4URJE00cfAAerKzUOJ:airAj5Hwu3JThfhx/aVzo8AKfAAX/M2X

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Store-ind-10002.exe
    "C:\Users\Admin\AppData\Local\Temp\Store-ind-10002.exe"
    • Loads dropped DLL
    • Checks processor information in registry
    PID:3348
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    PID:3340

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\ProgramData\Lenovo\LeAppStore\logs\LeStoreInstaller.txt.logdat

    Filesize

    2KB

    MD5

    4c66e72d632e7fcbbb5cf412fe344c59

    SHA1

    0f72b1ccdfd974e81eafbca0da302dd21caec016

    SHA256

    7120a2e2902574fc6dc48e1b88085778699c29cb3c2a14647637a3f7def680a6

    SHA512

    f22be874f4bae52c2db570ca2d8000d85f8834d493f4b414e62deae60dd8fc4b7e00b7d5f696325d365ce9a6ed8fb26e47d67b76ee902d5bd15879419a8c2298

  • C:\Users\Admin\AppData\Local\Lenovo\LeAppStore_tempwork\libcrypto-3-x64.dll

    Filesize

    5.7MB

    MD5

    15927d128a0b3968fc12f23813f3e67a

    SHA1

    9db0375a61c46927f03143cefc481999e4437583

    SHA256

    bc65afce0e342e6e47c1b596a441e943d947543a0b26ca66d435c74726e93402

    SHA512

    d5cde41b2ef59aeaa72584a72562e09349f2bb03e4f5bea6a168cf5737b789b027d7c51b96e18c15c7f44c30d45aa732304b065ff3a4199f4eff26992404f14b

  • C:\Users\Admin\AppData\Local\Lenovo\LeAppStore_tempwork\ludpx64.dll

    Filesize

    1.6MB

    MD5

    878042ca2642817a41e7df7b26a15d83

    SHA1

    3f935224b4f70fbdcacf08123b82be943d0f1aa7

    SHA256

    8b2fdf99a026a56fcb9058b655dc5ebcee12bc8fe7aea00bad4cd655316f712e

    SHA512

    95b16238f823e03de00513a17fe129368f056222e73160720ce09c55b92d675ed55f887830151d9052cbef977f58764abbcb7bacdb639e1e3dc93f7cc9e60b75