Overview

overview

8

Static

static

418cf46799...51.exe

windows7-x64

8

418cf46799...51.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    95s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 13:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    418cf46799b9825541d55eae66e2040a3dcd9947a72a42b48b281f95cc22c951.exe

  • Size

    137KB

  • MD5

    9262e04e944cb03e620cf2baf9e34ea0

  • SHA1

    2d53cea9eb6b7db5cbff8be0f284a58677c46a64

  • SHA256

    418cf46799b9825541d55eae66e2040a3dcd9947a72a42b48b281f95cc22c951

  • SHA512

    815817183bb01ad01d2643db19d4db71cff1ae85af9dcf5fbf480975bd6d84278743a97bc95548fe47c84cf5c32033c217346fcb5635aaf3bc90a13924c9a108

  • SSDEEP

    3072:HAwEvRRdqcqpaiVPfGHO4xATzlypxd7CQn3piYtWu:TcRWcslXWRpjCS5TWu

Score
8/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\418cf46799b9825541d55eae66e2040a3dcd9947a72a42b48b281f95cc22c951.exe
    "C:\Users\Admin\AppData\Local\Temp\418cf46799b9825541d55eae66e2040a3dcd9947a72a42b48b281f95cc22c951.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1744
  • C:\PROGRA~3\Mozilla\znblaln.exe
    C:\PROGRA~3\Mozilla\znblaln.exe -irlyaih
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:4888

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\znblaln.exe
          Filesize

          137KB

          MD5

          2dc4de9cf6ce5f6e0953c9ad5cee3f2a

          SHA1

          dda58d36e0e7afbfe017b3ab9fb266c8da58ab2d

          SHA256

          995037f559fa09360ebeeb33578d9cf84e6dd1e3516fdaaec6344b27173868c1

          SHA512

          2d10b235194e9c178b2f0befa9b1299678e7e7c23c89da57c645df6535caff0fb35b9fd60af6b85616fea1f4e312955ec3c5dfde25cea3629eea819bed9d319a

          Download Submit

        • C:\ProgramData\Mozilla\znblaln.exe
          Filesize

          137KB

          MD5

          2dc4de9cf6ce5f6e0953c9ad5cee3f2a

          SHA1

          dda58d36e0e7afbfe017b3ab9fb266c8da58ab2d

          SHA256

          995037f559fa09360ebeeb33578d9cf84e6dd1e3516fdaaec6344b27173868c1

          SHA512

          2d10b235194e9c178b2f0befa9b1299678e7e7c23c89da57c645df6535caff0fb35b9fd60af6b85616fea1f4e312955ec3c5dfde25cea3629eea819bed9d319a

          Download Submit

        • memory/1744-132-0x0000000000400000-0x0000000000461000-memory.dmp

          Filesize

          388KB

          Download

        • memory/1744-133-0x0000000000400000-0x0000000000461000-memory.dmp

          Filesize

          388KB

          Download

        • memory/4888-138-0x0000000000400000-0x0000000000461000-memory.dmp

          Filesize

          388KB

          Download

        • memory/4888-139-0x0000000000400000-0x0000000000461000-memory.dmp

          Filesize

          388KB

          Download