ea407cfe38627c7f7800d6f61fa5a59f7e53c5ab5bd6b210c1b3bd4646421993

Analysis

max time kernel
53s
max time network
46s
platform
windows7_x64
resource
win7-20241010-es
resource tags

arch:x64arch:x86image:win7-20241010-eslocale:es-esos:windows7-x64systemwindows
submitted
03/12/2024, 16:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Supermarket Simulator.exe
Size

638KB
MD5

9d3ab312a46d6791d21eec62a3db7685
SHA1

165950096d29f38b5f7db6b4652107dcf4bdc995
SHA256

ea407cfe38627c7f7800d6f61fa5a59f7e53c5ab5bd6b210c1b3bd4646421993
SHA512

f9a7d4add7cfd48c4b121e9b8ad8c96075374023b9d0bc28abdbf4a291a5a84fb8e7dfd394cf14bfd7872bd0a3044a09f862c10418cb889848146f273fc432ad
SSDEEP

6144:sEbaWnBUCGgpU9cYa4lTIkWHGBBQucpYRR2pMwLSMR:soCCNHGmVFR

Score

6^/10

defense_evasion

Malware Config

Signatures

System Binary Proxy Execution: Verclsid 1 TTPs 1 IoCs

Adversaries may abuse Verclsid to proxy execution of malicious code.

defense_evasion

Verclsid

T1218.012

pid	Process
2628	verclsid.exe

C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator.exe
"C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator.exe"
1⤵
PID:2348

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2320

C:\Windows\system32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {0B2C9183-C9FA-4C53-AE21-C900B0C39965} /I {0C733A8A-2A1C-11CE-ADE5-00AA0044773D} /X 0x401
1⤵
- System Binary Proxy Execution: Verclsid
PID:2628

C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator.exe
"C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator.exe"
1⤵
PID:2484

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

System Binary Proxy Execution

T1218

Verclsid

T1218.012

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads