929adcf731e730ee1251eeef8513fd774b1357c1c3e1da4d287722ed778434f9

Submit
Reports

Overview

overview

Static

static

03ff897da4...b3.exe

windows7_x64

03ff897da4...b3.exe

windows10_x64

10493d98a6...41.exe

windows7_x64

10493d98a6...41.exe

windows10_x64

11747d3247...67.exe

windows7_x64

11747d3247...67.exe

windows10_x64

San11 Tc/D...eg.htm

windows7_x64

San11 Tc/D...eg.htm

windows10_x64

San11 Tc/DrvMgt.dll

windows7_x64

San11 Tc/DrvMgt.dll

windows10_x64

San11 Tc/L...es.exe

windows7_x64

San11 Tc/L...es.exe

windows10_x64

San11 Tc/S...er.exe

windows7_x64

San11 Tc/S...er.exe

windows10_x64

San11 Tc/S...er.exe

windows7_x64

San11 Tc/S...er.exe

windows10_x64

San11 Tc/S...YS.exe

windows7_x64

San11 Tc/S...YS.exe

windows10_x64

San11 Tc/San11.exe

windows7_x64

San11 Tc/San11.exe

windows10_x64

San11 Tc/san11pk.exe

windows7_x64

San11 Tc/san11pk.exe

windows10_x64

San11 Tc/�...��.exe

windows7_x64

San11 Tc/�...��.exe

windows10_x64

23c9e16cc6...7b.exe

windows7_x64

23c9e16cc6...7b.exe

windows10_x64

36a18ae31f...d0.exe

windows7_x64

36a18ae31f...d0.exe

windows10_x64

4109a062b3...d4.exe

windows7_x64

4109a062b3...d4.exe

windows10_x64

CW3.exe

windows7_x64

CW3.exe

windows10_x64

Analysis

max time kernel
132s
max time network
121s
platform
windows7_x64
resource
win7-en-20211014
submitted
20-10-2021 15:32

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

Behavioral task

behavioral1

Sample

03ff897da4bfb8bc549fdb1ebf7ee940bcb9b57fed7d26d83c45d1e9ec1f40b3.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

03ff897da4bfb8bc549fdb1ebf7ee940bcb9b57fed7d26d83c45d1e9ec1f40b3.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

10493d98a6e78b7bbc60a9aae5ce5fa1a67cdace2a6be41740c92e21dcdb5f41.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

10493d98a6e78b7bbc60a9aae5ce5fa1a67cdace2a6be41740c92e21dcdb5f41.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

11747d3247254b7db3fb7d6b8c0b47d21546b208b1573a73ae20f46ca4131e67.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

11747d3247254b7db3fb7d6b8c0b47d21546b208b1573a73ae20f46ca4131e67.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

San11 Tc/Doc/Reg/san11_reg.htm

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

San11 Tc/Doc/Reg/san11_reg.htm

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

San11 Tc/DrvMgt.dll

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

San11 Tc/DrvMgt.dll

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

San11 Tc/LinkSan11Res.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

San11 Tc/LinkSan11Res.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

San11 Tc/S11Launcher.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

San11 Tc/S11Launcher.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

San11 Tc/S11PKLauncher.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

San11 Tc/S11PKLauncher.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

San11 Tc/SECDRV.SYS.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

San11 Tc/SECDRV.SYS.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

San11 Tc/San11.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

San11 Tc/San11.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

San11 Tc/san11pk.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

San11 Tc/san11pk.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

San11 Tc/开始游戏.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

San11 Tc/开始游戏.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

36a18ae31faa401de370fc7c808bd43f5f7af14c9f6f71cbd2aa9f8cca6555d0.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

36a18ae31faa401de370fc7c808bd43f5f7af14c9f6f71cbd2aa9f8cca6555d0.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

4109a062b38d66ee7222cd984120e056acd0f5dad490c623f411c8abb18796d4.exe

Resource

win7-en-20211014

discovery persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

4109a062b38d66ee7222cd984120e056acd0f5dad490c623f411c8abb18796d4.exe

Resource

win10-en-20210920

discovery persistence upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

CW3.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

CW3.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

CW3.exe
Size

15.4MB
MD5

c67252dc22f8b34524d9fcc1256d738d
SHA1

56917892ceae7df9056f12b419aa8c5eec3f1bae
SHA256

e738a7ee12e2eafb48366e84f8cd089c4433d2a2223954f3642a1c71ce80e456
SHA512

351877cc61e747b8b6c24e72a2d183024d6b2e3333be5c47f2efa3941cc2298f972e92d7367226cdf0841fec4ca53fdde3a067ae75b4f5521ef9c5d4feded672

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\CW3.exe
"C:\Users\Admin\AppData\Local\Temp\CW3.exe"
1⤵
PID:976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/976-55-0x00000000768A1000-0x00000000768A3000-memory.dmp

Filesize
8KB

Download
memory/976-56-0x0000000004720000-0x0000000004820000-memory.dmp

Filesize
1024KB

Download
memory/976-57-0x0000000004B50000-0x0000000004C50000-memory.dmp

Filesize
1024KB

Download