Overview

overview

7

Static

static

c51a12da7e...fd.exe

windows7-x64

7

c51a12da7e...fd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    45s
  • max time network
    57s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/10/2022, 22:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c51a12da7e22d348321695d3ea08345bfb38f6006a6a04a3b79704e0ef2b8ffd.exe

  • Size

    327KB

  • MD5

    03b2728a33044f35957f647e19b2c830

  • SHA1

    81fb714c294b94823b3a5f5ded0345c443a8c87d

  • SHA256

    c51a12da7e22d348321695d3ea08345bfb38f6006a6a04a3b79704e0ef2b8ffd

  • SHA512

    eb2231e70d0ab01d531214a85aea576570749d204b61e0de8cfe0c439dcbb7b312aaac5a6af0e11ba152efeed8795c9ac2017ff1cbfc4fc1748b7ca027073416

  • SSDEEP

    6144:PrQbUzkuvcBYC47l2xVmoQ0gDf3RHy9217LUAnM9iZXjrE:PrFkuveY38g9pfEiZXjY

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\c51a12da7e22d348321695d3ea08345bfb38f6006a6a04a3b79704e0ef2b8ffd.exe
    "C:\Users\Admin\AppData\Local\Temp\c51a12da7e22d348321695d3ea08345bfb38f6006a6a04a3b79704e0ef2b8ffd.exe"
    1⤵
    • Loads dropped DLL
    PID:4928

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\TsuFCF50C86.dll
    Filesize

    36KB

    MD5

    26445eff6faf68a5ad3aba69606a273a

    SHA1

    58fc975f50c5976bab64f8f1b6bd63727e1c5b9a

    SHA256

    8a0a59c0369efdf934374f9f91f9c95d555f2e73ae6a5d87ee8f2d9d0b7f1d79

    SHA512

    dabb336d825d5b80ce2bf354146eb7b297ba053c24dfe8b8399b15f7eb94dfba3ad5a3c77605695b2421fc5487a64eaed25df548649044aaf4660fe65972f9f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{0621C445-239A-4C21-AECA-6BB8DDC2E6B3}\Custom.dll
    Filesize

    29KB

    MD5

    b785d9036bec7d50f83f4cfbc0ac2cb7

    SHA1

    e05c2d4ddac030760e5bb14e8bce7111d710c2c6

    SHA256

    37989b44cf95586e1a17e29efa0489442a52eadcf550a20354296a2d2f544dbe

    SHA512

    e6324285cb785c208cb148b2bf0b6806f7f41366c3a9b5f01c871b97134bc2b7b504ed03bc571ab7c004665f8040bec2077df275f8cbddfe32032e13a356847f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{0621C445-239A-4C21-AECA-6BB8DDC2E6B3}\_Setup.dll
    Filesize

    18KB

    MD5

    c1323ff3f0f4ad124cd0418e18ab0c2a

    SHA1

    dfc7167aa884f905e32abc0ce3d3f5b4eb67f6ef

    SHA256

    0f3e93777f97d946be14a830cfde738e69c99c1b69647d6292a79ebfb2426515

    SHA512

    28679edf5412df9409b66024a145638bae62cd96ddb05349a87c6c3c1cd8159f56df2f4ae477719294ec48b2c723f879870dfec1aa82eb8871928c7b0fdd3df0

    Download Submit