Analysis

  • max time kernel
    3s
  • max time network
    59s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    28-10-2022 22:16

General

  • Target

    bf7528c045ad57d80281fe2b5cadf0e8b266b5c091d6f5b6673700a573d30616.exe

  • Size

    327KB

  • MD5

    0027298faae27dfba09612152c256400

  • SHA1

    d97d1f3c76b12eb8fe6be3884ba2d19a24ed9af8

  • SHA256

    bf7528c045ad57d80281fe2b5cadf0e8b266b5c091d6f5b6673700a573d30616

  • SHA512

    10308d68d746cdae6a17a3421546c218159107149cce392ff99648c8b8c73439cda3c5833007a188316191ae175c2b2cd5bde7b303616b92da9668276ccc0163

  • SSDEEP

    6144:NrcbUzkuvcBYC47l2xh6UXujU/6HXgnAv0FSArgxb1BQ5f:NrhkuveY3QwU/hXQDbvKf

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf7528c045ad57d80281fe2b5cadf0e8b266b5c091d6f5b6673700a573d30616.exe
    "C:\Users\Admin\AppData\Local\Temp\bf7528c045ad57d80281fe2b5cadf0e8b266b5c091d6f5b6673700a573d30616.exe"
    • Loads dropped DLL
    PID:1000

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\TsuEFC3A398.dll

    Filesize

    31KB

    MD5

    7e2a01a8830850c120133416110ae969

    SHA1

    493a7d4e67384a50a1dbf337e27c488860100a67

    SHA256

    991ab7e3e0b09eadf5ba9e8063b80f4bc428de2a68730b1ae9f476327ff6b4f1

    SHA512

    f44848c8cb26bd3ed7e1ef273ff172eb32df52631d80417eef2a1287a9f7cdd4030bc405983a5e1fa427a562dde574def1eb1d203d956bf1a67486cda2c9331f

  • \Users\Admin\AppData\Local\Temp\{9A5EBEAC-F33A-4B2D-A9C6-BB1841BD9C5A}\Custom.dll

    Filesize

    68KB

    MD5

    13fb609066ac6236c28c4b197cffe121

    SHA1

    63ffcc7b535fe9dfdfa2fdf5184eaed694c1f350

    SHA256

    76d18532ff61757190d420936ce8ff4df1fffb98a3e5a6e6ad9cc2e624250cd3

    SHA512

    99b6f611265e26696eb65b8629ffaabfce7e0f8345232f8791e4ba22b176e6add9d269e98181b918bbada4dfa82ba43dde590e7a3d2b76e1e474167fecf134e8

  • \Users\Admin\AppData\Local\Temp\{9A5EBEAC-F33A-4B2D-A9C6-BB1841BD9C5A}\_Setup.dll

    Filesize

    36KB

    MD5

    509bec9b9de659b14910a9706e99c93f

    SHA1

    9bfee10d824807dfa3f5bcbb71af41ead1dd0297

    SHA256

    c557d1db858b540eda37b8d8f1bdd8da5afebba2c4ccddbdb91979103aae81dc

    SHA512

    166d2a0c9790af9ab9e66500b225743820cf8bf00456b9dba94c3caf1f6fcc3abfe1ce031012c258655a44482f3354956683287402218493444c2f6bdc4c08ae

  • memory/1000-55-0x0000000075201000-0x0000000075203000-memory.dmp

    Filesize

    8KB