Overview

overview

7

Static

static

93d9e5e288...75.exe

windows7-x64

7

93d9e5e288...75.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    28/10/2022, 22:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    93d9e5e288d67ee22bfa4d94ffd115f4b14925fea7cf8baea61661068970a075.exe

  • Size

    313KB

  • MD5

    0f6b91828372cb5ba12b1ae59b9486f0

  • SHA1

    80239ca139807a999fe2d64acdd857a2c3926819

  • SHA256

    93d9e5e288d67ee22bfa4d94ffd115f4b14925fea7cf8baea61661068970a075

  • SHA512

    5ccb54426a04326094363515ce1dcc6867185d000ffc8323a5b471b4bbb182b944fa33be0ed65998e162cf8540181de93d1e4ca9e1f474e3696ab4d19b417695

  • SSDEEP

    6144:RrY9uEo2S1YnQmCX492DkwNP3qpYFG+NFJCWE0ALKkizq+o8Ixc+pwymEVwk9pYb:Rrwu6/eIo4KfJs0ALK5q+GxcXBER9pK

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\93d9e5e288d67ee22bfa4d94ffd115f4b14925fea7cf8baea61661068970a075.exe
    "C:\Users\Admin\AppData\Local\Temp\93d9e5e288d67ee22bfa4d94ffd115f4b14925fea7cf8baea61661068970a075.exe"
    1⤵
    • Loads dropped DLL
    PID:1828

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\Tsu12AAF2E2.dll
          Filesize

          36KB

          MD5

          40c2f8287bf916cd11623fa61e03c396

          SHA1

          f6f88cd89369b573a3f65010a0286a33ca2de4f2

          SHA256

          720cb6cd3e4ff193e471bff07b46ca000f829e1bfd3654fa08f24811cc8313de

          SHA512

          41032109ff99e0f3e05d0545b0288aded2ef50ec16183486a6eb23f906dbd08adaa53cd2d57f6b333aedc20737bb9acfae71f267be44912d8b192cf52b24a10f

          Download Submit

        • \Users\Admin\AppData\Local\Temp\{37CD0290-0BFF-4878-AA93-43DDEC2E2066}\Custom.dll
          Filesize

          43KB

          MD5

          f9e7474d9d2f9bee9803f3b72e55301a

          SHA1

          ba8ff9fb6eb44c11b633ba0e4058d063c2b3e0c8

          SHA256

          7db8cff238058b93770f763bf4a1f9cd5602657fafb9037834d4d77696c2d35a

          SHA512

          f943d2d89c7b37cc69e017d3ae6154fe1e0201727e95f29837734fbdccd6dd097855efa5891874a9656ea4aa0ed760f37480ecb54bd202cbd18ab96a6d5215d7

          Download Submit

        • \Users\Admin\AppData\Local\Temp\{37CD0290-0BFF-4878-AA93-43DDEC2E2066}\_Setup.dll
          Filesize

          39KB

          MD5

          863e254345d87b282f7522410a1d12ab

          SHA1

          daaa0670da4633f08113fd57e618f79730cf1934

          SHA256

          8e2fcfb75b63ca415b8c07cc0c242701142cbebaa838ecee24758f7ca43940a9

          SHA512

          c56801ecaf44c510bb13e324c0fb422f8f405cf62f67da954ece1a74bff8b055032302a350ac4e1d38732639d882930f15dd62f17dc7cb1e254e3db94fbcd5dc

          Download Submit

        • memory/1828-55-0x0000000075601000-0x0000000075603000-memory.dmp

          Filesize

          8KB

          Download