3a16c941223ae24e33b62e925575669a52f7993765aadf075a8bea5decd8a836 | Triage

Submit
Reports

Overview

overview

Static

static

7zS850A099...ed.exe

windows7_x64

7zS850A099...ed.exe

windows10-2004_x64

7zS850A099...1a.exe

windows7_x64

7zS850A099...1a.exe

windows10-2004_x64

1

7zS850A099...b7.exe

windows7_x64

7zS850A099...b7.exe

windows10-2004_x64

7zS850A099...5e.exe

windows7_x64

7zS850A099...5e.exe

windows10-2004_x64

7zS850A099...a0.exe

windows7_x64

7zS850A099...a0.exe

windows10-2004_x64

7zS850A099...95.exe

windows7_x64

7

7zS850A099...95.exe

windows10-2004_x64

7

7zS850A099...cb.exe

windows7_x64

7zS850A099...cb.exe

windows10-2004_x64

1

7zS850A099...58.exe

windows7_x64

7

7zS850A099...58.exe

windows10-2004_x64

1

7zS850A099...7f.exe

windows7_x64

7

7zS850A099...7f.exe

windows10-2004_x64

1

7zS850A099...32.exe

windows7_x64

7

7zS850A099...32.exe

windows10-2004_x64

7

7zS850A099...c3.exe

windows7_x64

8

7zS850A099...c3.exe

windows10-2004_x64

8

7zS850A099...e9.exe

windows7_x64

6

7zS850A099...e9.exe

windows10-2004_x64

6

7zS850A099...8c.exe

windows7_x64

8

7zS850A099...8c.exe

windows10-2004_x64

1

7zS850A099...8c.exe

windows7_x64

7zS850A099...8c.exe

windows10-2004_x64

7zS850A099...ll.exe

windows7_x64

7zS850A099...ll.exe

windows10-2004_x64

1

Analysis

max time kernel
166s
max time network
177s
platform
windows10-2004_x64
resource
win10v2004-en-20220112
submitted
19-01-2022 08:10

Sharing

Static task

static1

aspackv2 socelars

Behavioral task

behavioral1

Sample

7zS850A099E/61e74fd2175cb_Tue23956aa60ed.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7zS850A099E/61e74fd2175cb_Tue23956aa60ed.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

7zS850A099E/61e74fd3252fe_Tue23df2ad021a.exe

Resource

win7-en-20211208

discovery suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

7zS850A099E/61e74fd3252fe_Tue23df2ad021a.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

7zS850A099E/61e74fd41f841_Tue2365aa82b7.exe

Resource

win7-en-20211208

smokeloader backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

7zS850A099E/61e74fd41f841_Tue2365aa82b7.exe

Resource

win10v2004-en-20220112

smokeloader backdoor trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

7zS850A099E/61e74fd53f766_Tue23ec97445e.exe

Resource

win7-en-20211208

evasion spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

7zS850A099E/61e74fd53f766_Tue23ec97445e.exe

Resource

win10v2004-en-20220112

smokeloader socelars vidar 937 backdoor discovery evasion persistence spyware stealer suricata trojan upx

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

7zS850A099E/61e74fd78769f_Tue234b6c24d9a0.exe

Resource

win7-en-20211208

socelars discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

7zS850A099E/61e74fd78769f_Tue234b6c24d9a0.exe

Resource

win10v2004-en-20220112

socelars spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

7zS850A099E/61e74fd8ef830_Tue23593425095.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

7zS850A099E/61e74fd8ef830_Tue23593425095.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

7zS850A099E/61e74fda51500_Tue23260baecb.exe

Resource

win7-en-20211208

djvu mimikatz smokeloader vidar 517 backdoor bootkit discovery persistence ransomware spyware stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

7zS850A099E/61e74fda51500_Tue23260baecb.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

7zS850A099E/61e7501ab629f_Tue23c4645058.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

7zS850A099E/61e7501ab629f_Tue23c4645058.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

7zS850A099E/61e7501b7eabe_Tue2344597f.exe

Resource

win7-en-20211208

discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

7zS850A099E/61e7501b7eabe_Tue2344597f.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

7zS850A099E/61e7501c830d6_Tue23bdf4712a32.exe

Resource

win7-en-20211208

discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

7zS850A099E/61e7501c830d6_Tue23bdf4712a32.exe

Resource

win10v2004-en-20220112

discovery spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

7zS850A099E/61e7501db65f3_Tue23c7b395c3.exe

Resource

win7-en-20211208

spyware stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

7zS850A099E/61e7501db65f3_Tue23c7b395c3.exe

Resource

win10v2004-en-20220112

spyware stealer upx

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

7zS850A099E/61e7502b8389b_Tue233252e9.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

7zS850A099E/61e7502b8389b_Tue233252e9.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

7zS850A099E/61e7502c4cff3_Tue232cba58c.exe

Resource

win7-en-20211208

discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

7zS850A099E/61e7502c4cff3_Tue232cba58c.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

7zS850A099E/61e7502f007f3_Tue23d6fecf8c.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

7zS850A099E/61e7502f007f3_Tue23d6fecf8c.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

7zS850A099E/setup_install.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

7zS850A099E/setup_install.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

7zS850A099E/61e7502b8389b_Tue233252e9.exe
Size

362KB
MD5

bd97b9bdb9e842a76d084d9aae2157dc
SHA1

05855bb520005e4105f053d40c464cb8c7b2f2d0
SHA256

c739d1ae35aa6c63fb6f07b529bd25f77aad42260ed8a95a69487216fbb2b718
SHA512

3e5112f757f7e54399b14d4a00c695a1268f1cf4534db95fa3e7529c437add41b4cf5429747635c16d8fbe1c0123e4522a8b08867ede9de3b5c73b75987a2c32

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Processes

C:\Users\Admin\AppData\Local\Temp\7zS850A099E\61e7502b8389b_Tue233252e9.exe
"C:\Users\Admin\AppData\Local\Temp\7zS850A099E\61e7502b8389b_Tue233252e9.exe"
1⤵
PID:1008

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1008-132-0x00000000005A0000-0x00000000005C0000-memory.dmp

Filesize
128KB

Download
memory/1008-133-0x00000000005D0000-0x0000000000608000-memory.dmp

Filesize
224KB

Download
memory/1008-134-0x0000000000400000-0x0000000000462000-memory.dmp

Filesize
392KB

Download

© 2018-2024

Terms | Privacy