Overview

overview

7

Static

static

415ca8dace...e8.exe

windows7-x64

7

415ca8dace...e8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    4s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 08:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    415ca8dace43c4883c1e7509b7d0d31c03faaf6b91327463d619360e0485c3e8.exe

  • Size

    327KB

  • MD5

    e7aaa45b77aca1d55d271a6140a75ac1

  • SHA1

    4c0f78012ecc92d0b190f0806b18f5133817f117

  • SHA256

    415ca8dace43c4883c1e7509b7d0d31c03faaf6b91327463d619360e0485c3e8

  • SHA512

    bfe5a85d03bf42448661017890346787ecfc7fdcdb73875c12ef9745f0b5e582f8e6ef0f9939aeaa1d75e5a225a8125755d4264684f31a166a27e1f40f23c22c

  • SSDEEP

    6144:Zr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F3I:Zr4iu6/eIo4Rsw33AtsmQp

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\415ca8dace43c4883c1e7509b7d0d31c03faaf6b91327463d619360e0485c3e8.exe
    "C:\Users\Admin\AppData\Local\Temp\415ca8dace43c4883c1e7509b7d0d31c03faaf6b91327463d619360e0485c3e8.exe"
    1⤵
    • Loads dropped DLL
    PID:1844

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu6E26D032.dll
    Filesize

    52KB

    MD5

    bb555309c791aa15e13d246666b88177

    SHA1

    3138847aa4590872a1b8f1914dbcd522542bf3fe

    SHA256

    ba9e6035cdfc5371799a231e226897ac17b726d5865b8aca9f0d8b9833409b62

    SHA512

    d8efda7b430b959037ccacf9ae6af7d3ec76f636ab0bf837ac9f56a1ae4de138a5ac61172d83f867dd7707a553f6732d9e06272a432b40ebfaedfd2532c4cf51

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{07BDE91B-D406-4E14-ACFF-9C24DC5ECBED}\Custom.dll
    Filesize

    43KB

    MD5

    96a497b076f4877fa76f499d7cba05df

    SHA1

    08d8b5dff693fbe76fc0899337a5479d4386ff16

    SHA256

    4421d1120420e9ade2614d232bce23b64361010922fbb7fbc79c5133ac0ee824

    SHA512

    d7780fc62313d3e8728df9419d04395e1f03ebea138f1271875919bcba609691b7b9644548099219f3a8cd53d164d857ff8d5e0a59e274c61b9a6c6c4c8020f8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{07BDE91B-D406-4E14-ACFF-9C24DC5ECBED}\_Setup.dll
    Filesize

    33KB

    MD5

    96b2b9e75f026ebb557ffa2384aca08d

    SHA1

    012c73791eab9d62505576bbb6f531e9ed09118d

    SHA256

    1b29eef6a9512c6ee8b54079d8e0cbd95c7582012fc269c6d216d852e971a586

    SHA512

    f3850d53c3e067bf7018af2d87f5cf96b427253438ea8006e91fc5593c00ef7dec2946bd82910a217c01ac050005c70411495e1f97927ed64ccffee8b4e10180

    Download Submit

  • memory/1844-55-0x0000000075B41000-0x0000000075B43000-memory.dmp

    Filesize

    8KB

    Download