Overview
overview
10Static
static
8146bcd0d72...26.exe
windows7_x64
10146bcd0d72...26.exe
windows10_x64
1021c3fb1754...59.exe
windows7_x64
1021c3fb1754...59.exe
windows10_x64
102a800cff45...68.exe
windows7_x64
72a800cff45...68.exe
windows10_x64
7332d5c33b7...d0.exe
windows7_x64
1332d5c33b7...d0.exe
windows10_x64
13571d9db00...bb.exe
windows7_x64
73571d9db00...bb.exe
windows10_x64
742fe522179...78.exe
windows7_x64
742fe522179...78.exe
windows10_x64
74bb0c1eec2...af.exe
windows7_x64
14bb0c1eec2...af.exe
windows10_x64
19d1871a7a1...26.exe
windows7_x64
39d1871a7a1...26.exe
windows10_x64
3a2d4e5d989...26.exe
windows7_x64
10a2d4e5d989...26.exe
windows10_x64
10aa7cce2f9f...61.exe
windows7_x64
8aa7cce2f9f...61.exe
windows10_x64
8b27ee400dd...33.exe
windows7_x64
7b27ee400dd...33.exe
windows10_x64
7b6559bb03a...99.exe
windows7_x64
8b6559bb03a...99.exe
windows10_x64
8b6c343fd90...6f.exe
windows7_x64
8b6c343fd90...6f.exe
windows10_x64
8cfc91db924...d1.exe
windows7_x64
8cfc91db924...d1.exe
windows10_x64
8e2bbb71fe6...c6.exe
windows7_x64
7e2bbb71fe6...c6.exe
windows10_x64
7fb812a3c96...ed.exe
windows7_x64
1fb812a3c96...ed.exe
windows10_x64
1Analysis
-
max time kernel
12s -
max time network
14s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
04-01-2021 02:13
Static task
static1
Behavioral task
behavioral1
Sample
146bcd0d720f43d289c66d3a3cdc77e5e5a3d924174ee1993ac6db2cb0ca8026.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral2
Sample
146bcd0d720f43d289c66d3a3cdc77e5e5a3d924174ee1993ac6db2cb0ca8026.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral3
Sample
21c3fb175492561c6527cdefc46fde66ba2bc11ca4b50edf887423654ab8b259.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral4
Sample
21c3fb175492561c6527cdefc46fde66ba2bc11ca4b50edf887423654ab8b259.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral5
Sample
2a800cff4584740ee43108e122f4797c455e5b6097774aeb33ebe666170b4968.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral6
Sample
2a800cff4584740ee43108e122f4797c455e5b6097774aeb33ebe666170b4968.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral7
Sample
332d5c33b76318e30c94601d5fcca3dfe49c0a4a7c9f444681785e80d7c882d0.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral8
Sample
332d5c33b76318e30c94601d5fcca3dfe49c0a4a7c9f444681785e80d7c882d0.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral9
Sample
3571d9db0064c7e2ec8d856e9b9bd80f30ea45a3dabd811176c80863a85205bb.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral10
Sample
3571d9db0064c7e2ec8d856e9b9bd80f30ea45a3dabd811176c80863a85205bb.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral11
Sample
42fe5221797668a788756bb9995792ff47ddcb1ec9582a0f325535bcef1fa078.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral12
Sample
42fe5221797668a788756bb9995792ff47ddcb1ec9582a0f325535bcef1fa078.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral13
Sample
4bb0c1eec232aac63365ee4b30b1b567025b020d62fcd2c1e8321f2408b2bfaf.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral14
Sample
4bb0c1eec232aac63365ee4b30b1b567025b020d62fcd2c1e8321f2408b2bfaf.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral15
Sample
9d1871a7a1315b8c535fa1b673a427640cb4e75b03f1616cdd677345e82dce26.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral16
Sample
9d1871a7a1315b8c535fa1b673a427640cb4e75b03f1616cdd677345e82dce26.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral17
Sample
a2d4e5d989f091cc30e88e850af43ba620c893946a891217c0322f0ff29c2926.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral18
Sample
a2d4e5d989f091cc30e88e850af43ba620c893946a891217c0322f0ff29c2926.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral19
Sample
aa7cce2f9f6776129e2c41c48171e597504a5354d34f7503630651a748ebee61.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral20
Sample
aa7cce2f9f6776129e2c41c48171e597504a5354d34f7503630651a748ebee61.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral21
Sample
b27ee400ddd033d6ee17b294ca0c9077c1ababe60c79ae3c7b0555179689d333.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral22
Sample
b27ee400ddd033d6ee17b294ca0c9077c1ababe60c79ae3c7b0555179689d333.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral23
Sample
b6559bb03a3a150f020cd435a9d516d1b8b39b6abd34c66da6759e71bc7d9399.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral24
Sample
b6559bb03a3a150f020cd435a9d516d1b8b39b6abd34c66da6759e71bc7d9399.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral25
Sample
b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral26
Sample
b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral27
Sample
cfc91db9240c75b636480e7dfaef4daaa754e787d2ecb32f55d74c5a20c9dfd1.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral28
Sample
cfc91db9240c75b636480e7dfaef4daaa754e787d2ecb32f55d74c5a20c9dfd1.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral29
Sample
e2bbb71fe65dd6ffb22fcb05e99a687711d3d429c22d512a2a49166b69ffe3c6.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral30
Sample
e2bbb71fe65dd6ffb22fcb05e99a687711d3d429c22d512a2a49166b69ffe3c6.exe
Resource
win10v20201028
windows10_x64
Behavioral task
behavioral31
Sample
fb812a3c965da5044860794686ce9656db3c37be16794ab7c771c32567514fed.exe
Resource
win7v20201028
windows7_x64
Behavioral task
behavioral32
Sample
fb812a3c965da5044860794686ce9656db3c37be16794ab7c771c32567514fed.exe
Resource
win10v20201028
windows10_x64
General
-
Target
b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
pid Process 2044 Run.exe -
Loads dropped DLL 5 IoCs
pid Process 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe -
Suspicious behavior: EnumeratesProcesses 8 IoCs
pid Process 2044 Run.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe 2044 Run.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 2044 Run.exe 2044 Run.exe -
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26 PID 1204 wrote to memory of 2044 1204 b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe 26
Processes
-
C:\Users\Admin\AppData\Local\Temp\b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe"C:\Users\Admin\AppData\Local\Temp\b6c343fd90ce107bd1e0ea2fec6b5d3a33637f0a6daa251256a533e426aa796f.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1204 -
C:\Users\Admin\AppData\Local\Temp\7zS55ED.tmp\Run.exe.\Run.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2044
-