Overview

overview

7

Static

static

c611f9a94e...87.exe

windows7-x64

7

c611f9a94e...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    56s
  • max time network
    110s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-10-2022 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c611f9a94e144689e301222d5d50925c48ab04e77b36ac016f813a20c7f19387.exe

  • Size

    327KB

  • MD5

    2d0f9eac035f03a966b2592ee0e1ad3c

  • SHA1

    fba6accdbe74eee9196afb35db4fef82e9e7c340

  • SHA256

    c611f9a94e144689e301222d5d50925c48ab04e77b36ac016f813a20c7f19387

  • SHA512

    f1587b0a8b8ef77981099b3b3d6297b66bf85560fc5a8cc5f528be0082a410cdecfbb048569093f4bc648f83cbaedb47aff5d3498247e8c88205302ea0ead1aa

  • SSDEEP

    6144:Ar469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fn:Ar4iu6/eIo4Rsw33AtsmQm

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\c611f9a94e144689e301222d5d50925c48ab04e77b36ac016f813a20c7f19387.exe
    "C:\Users\Admin\AppData\Local\Temp\c611f9a94e144689e301222d5d50925c48ab04e77b36ac016f813a20c7f19387.exe"
    1⤵
    • Loads dropped DLL
    PID:5036

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\TsuC901AC4D.dll
    Filesize

    37KB

    MD5

    f1ba79a7a15f07f0bbe6d85613db5a0c

    SHA1

    080cb4c5ce0a4feef63daa2965d5d72e581e118e

    SHA256

    ce2401d2fb358118d7d217efe419723566e02b4a3ecc33e5c78ab56691577e6f

    SHA512

    980069376609d9db77b7de03d3dd156979e8e610a156154763e9f4e8590b8fb1da8ba04a3a7d6753d926474e6e69478fbd49b1a155fac098fa2d9eb671efeabb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{D5220BE6-7A15-4FC4-AD2F-32370EC12910}\Custom.dll
    Filesize

    38KB

    MD5

    ff135bc3859250b21f12f43c2a71c265

    SHA1

    57b51ba03baa0ff7473141b7e6a1021a81c0f12a

    SHA256

    d65371a27c47283108ac1c0d82306ad4a18dc2f5ffe566956bfe3a9f48e1be74

    SHA512

    e1ea7b535b6472af24b01e987cdd27595e277e2257f46ca2e464b65fa6c77f920f820014d1479aff7f44fdbbfba9cbab3bc6a31b3030fcec57a8f5c6936f1ef2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{D5220BE6-7A15-4FC4-AD2F-32370EC12910}\_Setup.dll
    Filesize

    46KB

    MD5

    00c500cb628151fcc345d57ef7cec770

    SHA1

    fec444a8e83febad39de679e1c33fd69d495fea2

    SHA256

    5f169d7ff1d248c39f9a186d8e63c1621520e607e53af53f9fd0e0e64d941c65

    SHA512

    04f285127ecf84519ab66a0f23956788068c6dc2abeaf409661f649dd7c402e08812d8c48793e2383e715b2790779b0b30015df1c9acb16dd1e7d9096f6b7605

    Download Submit