Overview

overview

10

Static

static

8

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

8

ฺฺฺK...ฺฺ

windows10_x64

3

ฺฺฺK...ฺฺ

windows10_x64

3

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

8

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

8

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

3

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

3

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

8

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

10

Resubmissions

12-11-2021 18:04

211112-wnzb8aahhm 10

19-11-2020 10:08

201119-rhwlt38jrx 10

18-11-2020 17:26

201118-htd4fq29va 10

Analysis

  • max time kernel
    1561s
  • max time network
    1582s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    19-11-2020 10:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecurityTaskManager_Setup.exe

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecurityTaskManager_Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\SecurityTaskManager_Setup.exe"
    • Suspicious use of WriteProcessMemory
    PID:508
    • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\setup.exe
      ".\setup.exe"
      • Executes dropped EXE
      PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\Setup.exe
    MD5

    694ba0b43cc2ec5055a7ffa3c4fc3aae

    SHA1

    12863f8925bda943ea510239820be15242b6f1f9

    SHA256

    a771e2f459f171469c5ef3407034a7dda4ece86f5b4db943cc728696daad6295

    SHA512

    12ecac18707a10adf3b62187d298c3fe34f54773321439aa9765394f98cd398af5123cc2c0d912f4c86020d960455691b6a7e94f9bf5f1472108bd6395a38f9b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_bulgarian.txt
    MD5

    89f324a12d6e19b549027d3d7bfb7ae8

    SHA1

    a12479a93c5a70eaf5c4d606dddddefef05ef26e

    SHA256

    ab2386fff64d22e64fb1e553286996232980706683245806f185fd2f423fbdb5

    SHA512

    a0e1707719dd4d998f4e02df7672e75723b7dfc7e4f05f02741f059e6a69cc4444b805b9d7ac40ea53e97cd9ed2d89b0314b2b61105416582d6e9bea9965a8b5

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_czech.txt
    MD5

    0d76174d68f5fce7e150c972eeacef9c

    SHA1

    4adc44d638859253e3befa3407fdbde8866a5456

    SHA256

    d5a4b68cdf201c17b466bc75d29e91b43dca6abda228caf2b6752e09b8a19058

    SHA512

    2ca4cbc1ef23a0b11bd32cff0824b655285d4c8f5535e7113f915e607361211e20ab28e6f5f1da2a26190141809f233434135c27598b6a7f14d4376cfb916f52

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_danish.txt
    MD5

    1325b58debc1e7a46c705a44b4504734

    SHA1

    d68af1fc501342923a23569bb058a7e1510c93da

    SHA256

    d740c5e0e760f7c7547b98d8ff67efa8cc2558fd05c1e086f25919fda5e681f6

    SHA512

    7427b50a0ca11bc74f9182c0ad2952b7a0495d75b53b8bae4fa88ce8b615bb905171fa7883a8ce6c93b778a36e579b8963646b7aeee5a4c2569a0e562f6bb56c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_deutsch.txt
    MD5

    b33fed70df15a44085aa88647d211c81

    SHA1

    2ff758266c852d72a6c9aa001c4cb7f50ef15a76

    SHA256

    a097180501190a3efee4f776485a072a8ba3ec77ae3052932d602b4dfc767738

    SHA512

    f03330183172e48174c8603dd4ab371b03650ddc9c96941c1cfd9e5b394a60f98a6046d41916992bb8ce42400cb91d7976e4aa2822ee69f950d3e9c7e382d966

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_dutch.txt
    MD5

    b930f96bb386f7e289310c3f5063178a

    SHA1

    955a30d309d0dd17d289b918a611bdd9de43cc5d

    SHA256

    f49bf79f10c2af50e0a584d8f619551b21fe14683f2908ec552fb8364ddbc28a

    SHA512

    d4a47caf59956e67eaef294ce3e8732365eaf7623d2933b11d7758f80a4b92637dcdbe95ea1a1674f1b69a0b2ee3f97ba529c623c9e7ac9ca585464c0cc0c7aa

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_english.txt
    MD5

    34c121268b1c3fce53172b3933b075a3

    SHA1

    c44fa37db476886859aaef75878dd7806a7ab518

    SHA256

    f974ea70d717e59d27fa566eeae52831537207ad4bb6308ed93e387f5fced2c4

    SHA512

    6f2aed20f2ea8bc028f923918a4f2b5af131584af94f51536cdd6ba59ba389a8ad52c586226911d67af9d17b53151d677fe190ec0df4f16d5ace189ca3e503eb

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_finnish.txt
    MD5

    7d873c6c96a6725c7b0cb5dfb1a09e87

    SHA1

    dae7dd06dd465fc4f98d14d027025eef10c5bf77

    SHA256

    05dbe3b460b51194c276b9fa2b41292ec52e5e408fa005950f027cf11fb2bc26

    SHA512

    f5f98f46ae0cfb379f7de9258d12287c2f580181ef713af8a9a0b3f81cbc9cab1c9295e18244989bc875dd177f5f6727431cd0dc8b61dade61acdff09677e398

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_french.txt
    MD5

    3184a1d71306f0b0b2f73169520c1029

    SHA1

    59d84aa3bd19d6f2aad47450bb7c28da97057e11

    SHA256

    1dd3e5d60c64b21c265f4635473f9dfde10d1818f7a6ecb3693089c9e225d390

    SHA512

    bf7813a1410ff8e6a2fca41229147c121a85dab9dceed79a03e5e174eff98fe02c9e031c40c85e27c6af8a55de976983078d641da51a323c6ead8f3e7362719a

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_hungarian.txt
    MD5

    a54d196a3a36ba5224d4c409489fda77

    SHA1

    95f6502f4f827f2b70c4aba2ceb8c9a6af9e439c

    SHA256

    a92d6b1995801bb2e13b8362bacdf2aeaa4efc5abe7a292c1446f60aae553158

    SHA512

    b774d369c66192ff1ec4cde1f5b11c8e2ef4d856d65bcb0abdee855a7fb41af6a9eebc88934722e13f09ed2d9679986c2556b26d28258778bbd2fbc04e8667ef

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_italiano.txt
    MD5

    6fa6baead051fa1ea55a9d617d74843e

    SHA1

    63adad9e223d3611243478c813906dea3de80115

    SHA256

    dfcd1e48dcaab1ca041c937a81774ef753cd0e9e3b0eddcc0b4c084585b0ef4f

    SHA512

    70ed25b4258ade5eda92c6bf3427217cb9dd78b7e843586198de24fcb1ee31a3b0d10613a3d18b06ebc7e2867a5111af5fb7cb7674fd55149767f038f3f771ff

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_japanese.txt
    MD5

    0e62e49c4a1868113e00e266d39c47a5

    SHA1

    2be41ae1857c30caf6e1124b51652ffc35779034

    SHA256

    1f6e19ca7500dd3193bdb2d384fe1feed96c1b1dbd9e58c4a27c71b90cb10cfe

    SHA512

    5a8ac80e582545b6d193db5b5e2013aa7ddc7f6e830f5cb497a4a2c1ec31c6dac382157cc0b0f0b8cf17e7247dbb9a094198131fe66e4f58c1c71a5749d2702a

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_korean.txt
    MD5

    992c0dde82beac0c0eb86b137744c196

    SHA1

    8ee1cfccac49a5b9df6d8f3572ecfcbe592676cf

    SHA256

    312980aa8444655137044d3323ed0f5f3d6d2d4d503512e029ffa4429d92fa6e

    SHA512

    074caed4ef7044c032960e3aa4240338356323fb3f880588bf35775dca462acfaf792a14d11113f7e814c19d7e947fed15ddec5f764d3b9a896c36a941192541

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_norwegian_bokmaal.txt
    MD5

    179fe4667bfe1d977d687493f59d7adb

    SHA1

    b3d900debc52ff3e77fb426636968c1f1feb2800

    SHA256

    3e7fe5d3b0095143d86173fd99775d8d0065eaafcf9dd683692062e026879922

    SHA512

    358d51d4f07207ec3017386458d3073e657636505c09cbe1b7e31b3cb778926a9a4a517ecb140e661d3b30586f12e94a5a659cd4cf9ac1332030ddfa3f511c52

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_polish.txt
    MD5

    ce3dcf85fa453f3d735005340ef90ae0

    SHA1

    2c33a89e2d7853d8b1dc40287485f172476129e3

    SHA256

    f1f0bfd7676420d8668d0676ecce039b84b023dd12ecdcc19ac4b01b1bb9de61

    SHA512

    db7f772511c79e159ef842bc1effe8ede244bdb0757446e97ddd39761c3540a05a2475f11fe90da2b8a9bf0c532cabecb27051a4bbe459387961294fbbb86bd0

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_portuguese (Brasil).txt
    MD5

    07d5c6cf24d90859e1bbdec962662ac3

    SHA1

    2f4f9b6e3f1bdb3de3a44ad98427fc55738d4a8f

    SHA256

    485de5cc9654510903431e32cf7e7b9afaeb0a575bffca7af5f652429654f0b4

    SHA512

    689bd4b50a107cb2035dc8d9757d44d53b8c97a4a6979bb3cc2181cd416f6a5fab0293889c3dcde8887414590ff17df627da504d1936e3883300da411ab6ec90

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_portuguese.txt
    MD5

    57dd15b63e5116d4192756eac357fc77

    SHA1

    2e4cbdf15c9b2da2658b6e2df1d7faa26d5563cb

    SHA256

    3692ca1b6e64991835da21e50cd91f2c20395a0a2290655284ec477ed5e241c4

    SHA512

    316c68da136d6b23d40742e5da545acba87e0c9729663afb43f4a12d40505f8f51657de2ee22c7449d1fa072a9505d16759914e019f47d2b64d4f7fdbd120a76

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_russian.txt
    MD5

    27775d53a8f8bdd46d2cd07808540fa5

    SHA1

    f9c905347ac04e465583f5b57c0248d3bc052783

    SHA256

    1c0888d6a709c536a3f8f29cea3477c8bd1d91bc7beb68e6854c7228c52555dc

    SHA512

    96e9734ee5c383045f9779348c2977e87c6db249bd51e75667a46d34e105fbb9e99ab68df1ff9aaf092858f751f03996ec6c27b2b35fee7addc300d9642b3306

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_spanish.txt
    MD5

    1db8fa700e36994c13075acac2b3d1cb

    SHA1

    049a77576da0bed590109cc15129686d72e12399

    SHA256

    00fd546aab44ac4cf4cfd822b249ef7ecfa0a4b8afdd6438ecbfd9705c7ec746

    SHA512

    24a7ed6098c629bd210e0934c13656d6ece22f4da68296ead9a0883ab395afb90c3f37596b8f0007f4ebffef8688a7b1686c1618182a7299ed17da31636d09fd

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_swedish.txt
    MD5

    37f4289c2977a484189b9ff44a590b8f

    SHA1

    8165528ec43e0131d139e6696ed3317bd283d2d0

    SHA256

    ef67f369daf2eaa2878330c076654d4dec001d9e365e35888e82fb10cae2153d

    SHA512

    5684e6d543fffef1e08bb5645c3c4d2e1ae37a03243e9df1c44daf1f40f2514fdff8c7cf702d9c7e78f6dad0a7d93e4ded95ea58442125c85b87621d3839d12d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_turkish.txt
    MD5

    ce97c5cc7ffaa5d6b18d313d4b8eae81

    SHA1

    1795b8763718fb31d1e0396567232d9891e49d81

    SHA256

    89ce1dbd43e5d377013f2228de688787350c8f11d908ecbc0ded355c7bc63663

    SHA512

    9efbfa39beb9e032121c57a3d8f713a387dfb7feda44bea4bdad8a80a2626644da324c01315475445974883aaedc0432ca53920f154427151b9b650d0ebbbc66

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\lgs_ukrainian.txt
    MD5

    df09a44cde9e14378fe3ddd47a8ca3fe

    SHA1

    39d880fd38980a5dde18c1fb94707711a07878fb

    SHA256

    59d771c4d45af27f793c38ee78a2a5c5667f877d7f65313cbad93bd8ec3b1fce

    SHA512

    5a3cf5f280d29496371e4ee8a21966bfd6aaaa208eddf4112d67198ff639798e68338b07ae5b8aeb498c7a3875ce2f42a8f037bf5359ab707d0a6e796510a33c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\setup.exe
    MD5

    694ba0b43cc2ec5055a7ffa3c4fc3aae

    SHA1

    12863f8925bda943ea510239820be15242b6f1f9

    SHA256

    a771e2f459f171469c5ef3407034a7dda4ece86f5b4db943cc728696daad6295

    SHA512

    12ecac18707a10adf3b62187d298c3fe34f54773321439aa9765394f98cd398af5123cc2c0d912f4c86020d960455691b6a7e94f9bf5f1472108bd6395a38f9b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\taskman.exe
    MD5

    3733003588acfbc9ff5df9765c80d405

    SHA1

    b52befaf06a525407de46499706ffda1df024263

    SHA256

    0c87006a32e187cb1fef06dc9f19b547c78909e88ab59cc89d7b53aebbae9b4a

    SHA512

    b6c94eabecb85a507395c4a6c3717471bf2486d5b4dba8d946c0ae960af673455e9ff338f5c6bc33bb55b363c2d6a51fb0660d0aa0d99c6914ffb514f38be32b

    Download Submit
  • memory/2208-0-0x0000000000000000-mapping.dmp
    Download