Overview

overview

10

Static

static

Al-Mansoor...DF.exe

windows7_x64

10

Al-Mansoor...DF.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    40s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    21-05-2022 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Al-Mansoor _Quote_Order CAYAN LISTS14_PDF.exe

  • Size

    935KB

  • MD5

    5445d45c4c5055033ab93973240c2e14

  • SHA1

    e8fd33792d1ed321f8acf05c52ca79f29b60dc59

  • SHA256

    565d56fb2be1977b8189a0d31222abb99e72d84d777b4253f63bca44ce0535d7

  • SHA512

    35bc3c9de1b84e0b02a6dd1d5e8d34a6b6ddf4b45b5fcf0260bb7bbb5abf8a980ae1a00486363480976afa708e5f46a5babdaf5838fdd2dc8de1dd8922132075

Score
10/10
coreentityrezer0

Malware Config

Signatures

  • CoreEntity .NET Packer 1 IoCs

    A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.

    coreentity
  • ReZer0 packer 1 IoCs

    Detects ReZer0, a packer with multiple versions used in various campaigns.

    rezer0

Processes

  • C:\Users\Admin\AppData\Local\Temp\Al-Mansoor _Quote_Order CAYAN LISTS14_PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\Al-Mansoor _Quote_Order CAYAN LISTS14_PDF.exe"
    1⤵
      PID:644

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/644-54-0x0000000000C10000-0x0000000000D00000-memory.dmp
      Filesize

      960KB

      Download
    • memory/644-55-0x0000000075BF1000-0x0000000075BF3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/644-56-0x00000000009A0000-0x00000000009A8000-memory.dmp
      Filesize

      32KB

      Download
    • memory/644-57-0x00000000075A0000-0x0000000007650000-memory.dmp
      Filesize

      704KB

      Download