Overview

overview

10

Static

static

3

d00d857b3d...d6.exe

windows7-x64

1

d00d857b3d...d6.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/01/2025, 21:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd6.exe

  • Size

    10.4MB

  • MD5

    1709ac76cf759864bda829f2db77fb9c

  • SHA1

    763937dfaae0ee35b010ba987c1e02264a3a801c

  • SHA256

    d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd68c994300985f20535b6

  • SHA512

    3064b5dd6147e872bcf409140a16ee7a35ea1b0663fb0fce88901b18474d02a1d24a333e798be09027fc35e29510563b458352d74d47550b6de567fcb123c134

  • SSDEEP

    6144:SUm07J7ezm3f3C8QS4syOpj5PZOpRfXnhKhaQpYGO3Cfg+:O0cwPC8OsymVeR/h2a01E3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd6.exe
    "C:\Users\Admin\AppData\Local\Temp\d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd6.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2588

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\UserApp_Debug.log
    Filesize

    228B

    MD5

    bbcc61ae248085d4e39d1a5af5d64af7

    SHA1

    1025b5066f92db1850c6f46a2565647c7ff2283f

    SHA256

    0ecc65b2aa64d5930248aa5e955181c312d917c113d135415ecb60f3f11c4766

    SHA512

    715eb19056bbf7d830465e294018d0af776247db36137cb48036a499b713c7040ecee40e1bfa2a979ae779ca1f0d7e3bb014c7ef63ce35a03e44d4ba8359be74

    Download Submit