Overview

overview

8

Static

static

003771d10c...ef.exe

windows7-x64

8

003771d10c...ef.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    92s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/10/2022, 00:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    003771d10c16648599d662152eadd4a80993c0343e3b228119a04ed8c39005ef.exe

  • Size

    474KB

  • MD5

    6ab754b9d9f5b04e0596e1be976a3034

  • SHA1

    f88f21ad62de89fd7894e630b3990d26a95cf3d4

  • SHA256

    003771d10c16648599d662152eadd4a80993c0343e3b228119a04ed8c39005ef

  • SHA512

    cd378f052a328277c1daccc7ed691364a76fd78907e6ab9048ee2affc9c309790d341e8cb0d52ceca1416d1e4e4457987d65e3eba245a757301849312701bc4e

  • SSDEEP

    6144:5WUTxSfmV6hRRgHI6I9h/lZb5BuEw4MiQo2Rukif0nyFKotRv3B82TjW/ivT:5WxfSo60ll+CMi21iH9/Hrr

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\003771d10c16648599d662152eadd4a80993c0343e3b228119a04ed8c39005ef.exe
    "C:\Users\Admin\AppData\Local\Temp\003771d10c16648599d662152eadd4a80993c0343e3b228119a04ed8c39005ef.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2860
  • C:\PROGRA~3\Mozilla\nkvxlye.exe
    C:\PROGRA~3\Mozilla\nkvxlye.exe -xqialii
    1⤵
    • Executes dropped EXE
    PID:3320
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3320 -s 452
      2⤵
      • Program crash
      PID:860
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 3320 -ip 3320
    1⤵
      PID:4352

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\PROGRA~3\Mozilla\nkvxlye.exe
            Filesize

            474KB

            MD5

            55230057f7c95fe44b4b1a2ca479a268

            SHA1

            0378110535410cabad3309ec9587028a0d8512ef

            SHA256

            378902583376ea5e0bdb563291131811ad3128c78acac9492034a2fa835be6eb

            SHA512

            8fa4c7851bd1c6dbd7f5d614c12dd3819aaf481808e6dc5efc8d3e4391a3d57ae66f048d9b610366f43c4343c0c191b0d59fbf569f8ded93d48c90b1a8c97ed8

            Download Submit

          • C:\ProgramData\Mozilla\nkvxlye.exe
            Filesize

            474KB

            MD5

            55230057f7c95fe44b4b1a2ca479a268

            SHA1

            0378110535410cabad3309ec9587028a0d8512ef

            SHA256

            378902583376ea5e0bdb563291131811ad3128c78acac9492034a2fa835be6eb

            SHA512

            8fa4c7851bd1c6dbd7f5d614c12dd3819aaf481808e6dc5efc8d3e4391a3d57ae66f048d9b610366f43c4343c0c191b0d59fbf569f8ded93d48c90b1a8c97ed8

            Download Submit

          • memory/2860-132-0x0000000000740000-0x000000000079B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2860-133-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2860-136-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/3320-137-0x00000000005C0000-0x000000000061B000-memory.dmp

            Filesize

            364KB

            Download