Overview

overview

7

Static

static

d0dfa81828...01.exe

windows7-x64

7

d0dfa81828...01.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    2s
  • max time network
    66s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 05:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0dfa81828b188fbaf72ebda155dc32d5aa9d6ef392fde5d39d9bcd0dffaba01.exe

  • Size

    325KB

  • MD5

    0098dbd446650d90e74d17f96d9df5df

  • SHA1

    dd5dfe395e22a4ed3afd1ae0ff25beba7ae79e5f

  • SHA256

    d0dfa81828b188fbaf72ebda155dc32d5aa9d6ef392fde5d39d9bcd0dffaba01

  • SHA512

    1b57cf6b1e845ae6b794fb11facf5678125db3a5e27a5d6972c84564d1b94c674bdb417c353586ebb4605251f5feb2a7fc5e3d7fbfd2c1752edc0762bb344c84

  • SSDEEP

    6144:0r1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oIg:0r1B3u6/eIo4ArVUBQCCYOqmO5oIg

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d0dfa81828b188fbaf72ebda155dc32d5aa9d6ef392fde5d39d9bcd0dffaba01.exe
    "C:\Users\Admin\AppData\Local\Temp\d0dfa81828b188fbaf72ebda155dc32d5aa9d6ef392fde5d39d9bcd0dffaba01.exe"
    1⤵
    • Loads dropped DLL
    PID:1508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu1D38A4D7.dll
    Filesize

    11KB

    MD5

    033dba3958e06460ab94f844f32cfd2b

    SHA1

    b796d10710b66fd32ad3bd5fa13ca24e9f10915c

    SHA256

    5ffc4211a7c7271225a2cf3e6b52759f85faab635f81386682a573b3f04dab98

    SHA512

    382a75982174b245e73e42ecc31a6ccad2ef17829bf15110329be6b963afc80dcc3c1db3e44fe16d65f912314930aec5384f73fafd28d5768be53e426b14d831

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{ACCBF2F1-9213-444E-A6A5-DA317728D007}\Custom.dll
    Filesize

    13KB

    MD5

    e31c32fbb5bd8491ce27dc32023961e6

    SHA1

    ba1c9b296b8e097d169eb78be5c2aa0d34349b40

    SHA256

    2421ada859284456acc00b479bdd8ee321b4b7f1613da7a7b301177513848db4

    SHA512

    c1c02d8c7fc7e7adb39d5984e4009ed5eb17f590fb1645950554dfc59fd2d3815b4fde3b8597de62ecc868513fd893fb446a9dcb3c7ae26def882742048440a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{ACCBF2F1-9213-444E-A6A5-DA317728D007}\_Setup.dll
    Filesize

    32KB

    MD5

    6627ba1954bdb1554117aeaa4053b9a1

    SHA1

    0c2fb97c4ae98bde8600c6dd6aaa729fabf070d2

    SHA256

    c37c5ea2e27ab515c77396acf5fe3bed61dd7e60a02e99d7b7b256a38ff8c9f8

    SHA512

    ae402b5b95f9c93aa38589610e1eee17512082a8062f87c3c5f4113882b5e6c3dbb4d5edf167b73e2085e296be0bcc48034fed25b0a6d5c963d3729966d6175c

    Download Submit

  • memory/1508-55-0x0000000074C91000-0x0000000074C93000-memory.dmp

    Filesize

    8KB

    Download