Overview

overview

7

Static

static

cef1ba8f8b...13.exe

windows7-x64

7

cef1ba8f8b...13.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    2s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 04:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cef1ba8f8b5c134d7e976a79dbcdc0e16927829c6591bfd09b3bf6f0f209f213.exe

  • Size

    327KB

  • MD5

    254a38a88ce667deaf842d86548abc95

  • SHA1

    984acd38d329b96cd968034870b5574bc9ad11a4

  • SHA256

    cef1ba8f8b5c134d7e976a79dbcdc0e16927829c6591bfd09b3bf6f0f209f213

  • SHA512

    66c9617c03f215085c8a94f4f232fa509b824acf808e563fc2cdb73fd9540f219aeca561cf8f601a902afb9f359578d7cb70b6ffe286bb2131d4ba76f43e165a

  • SSDEEP

    6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fh:Jr4iu6/eIo4Rsw33AtsmQs

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cef1ba8f8b5c134d7e976a79dbcdc0e16927829c6591bfd09b3bf6f0f209f213.exe
    "C:\Users\Admin\AppData\Local\Temp\cef1ba8f8b5c134d7e976a79dbcdc0e16927829c6591bfd09b3bf6f0f209f213.exe"
    1⤵
    • Loads dropped DLL
    PID:1528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\TsuD9639AF5.dll
    Filesize

    29KB

    MD5

    184c33a5507f288c91b8ec429c057395

    SHA1

    fcc9c3508857e14ca5da61e5fbe6e30081280660

    SHA256

    50a97d5104976020c0baed538c11538ea46c62fc7aa9a11aca9b8f0cd36b69dc

    SHA512

    18dee8bed15b58666baf0cc6c14f83b98ce304c8b386d7ab72d80f0bc2b46d2a856c7a06a69b7e23635d5ddd678106fae5c4d28b007b5d938c2fadbf91ed693e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{CFF96387-A6F7-43D8-A133-EED5141A4171}\Custom.dll
    Filesize

    91KB

    MD5

    c9d3d86ee95ae4d20c80de9ddaa8fa40

    SHA1

    5f0546ec86f3e27f0eec4d5d5451edc630907654

    SHA256

    b34ca5ec63459956e72289b6b1d85891377c4ef451b48f42d92ab7d1aad117a9

    SHA512

    ea895f339e31432497401782a17275cecda18286a158ad191dc1a5c2c3c541205c679689a74ff46c4e4861c7e6d87bf862e54049b419675cadaeea76c400b186

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{CFF96387-A6F7-43D8-A133-EED5141A4171}\_Setup.dll
    Filesize

    180KB

    MD5

    f019ccbcb9fc34eca585696d8ec5c585

    SHA1

    e0d1b4eff07feef1a2b4e0f07e015f3208e1c4bf

    SHA256

    7824f94a444f14a0143702818fb300a387d85173d05ac9cd891f4e1ab1dbac0e

    SHA512

    8ff541ff1401c62ad21dd960c48e5a99981c953f5bf73824146ef2848b778796aac5e17b111b9ad139acbd3b556ecd92f4869876da8849fb79fac4d86cbf70e5

    Download Submit

  • memory/1528-55-0x0000000075021000-0x0000000075023000-memory.dmp

    Filesize

    8KB

    Download