Overview

overview

8

Static

static

410676c614...22.exe

windows7-x64

8

410676c614...22.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    138s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 13:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    410676c614ce427073e63c8a2d84e2b19e65ec03b1868570e9b338eb5718b222.exe

  • Size

    147KB

  • MD5

    a2f3e55bed0fa4c86ed7eaf9e448ca50

  • SHA1

    b1bebbc4c5e5082b754900bffaf59b79fd2e68f7

  • SHA256

    410676c614ce427073e63c8a2d84e2b19e65ec03b1868570e9b338eb5718b222

  • SHA512

    f85a70d222960cf4a04a81d321ce94c20070b28f80d241e641860d19c06e0a680dfdeaba2ab3c3e90062bf75b96f3d0fb080bc672dd9f335e569141fe2cfbd28

  • SSDEEP

    3072:TMswXUTWmD6cgL02yO/DuOMZbgOoyh4e4cWv:TJwmDWkUiOMZG0EX

Score
8/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\410676c614ce427073e63c8a2d84e2b19e65ec03b1868570e9b338eb5718b222.exe
    "C:\Users\Admin\AppData\Local\Temp\410676c614ce427073e63c8a2d84e2b19e65ec03b1868570e9b338eb5718b222.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2296
  • C:\PROGRA~3\Mozilla\znblaln.exe
    C:\PROGRA~3\Mozilla\znblaln.exe -irlyaih
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:4124

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\znblaln.exe
    Filesize

    147KB

    MD5

    e67d3f95aae1630fe9da66458e78d0b4

    SHA1

    8899c5d5c58b34fe91b928a135553de7e59398cb

    SHA256

    72b15bbe4f5ec33d1dfc1eb2674287a93016d3f7f49b3420f09c05fce92a0c4d

    SHA512

    11e73358369e76357aa3c60d31e313f8bd9b0e709bdec2a4b38ea0556af900889e52a83b5782f5fe0818bcc28bd82ba25a2697589d0294606e5553323597ff78

    Download Submit

  • C:\ProgramData\Mozilla\znblaln.exe
    Filesize

    147KB

    MD5

    e67d3f95aae1630fe9da66458e78d0b4

    SHA1

    8899c5d5c58b34fe91b928a135553de7e59398cb

    SHA256

    72b15bbe4f5ec33d1dfc1eb2674287a93016d3f7f49b3420f09c05fce92a0c4d

    SHA512

    11e73358369e76357aa3c60d31e313f8bd9b0e709bdec2a4b38ea0556af900889e52a83b5782f5fe0818bcc28bd82ba25a2697589d0294606e5553323597ff78

    Download Submit

  • memory/2296-132-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2296-133-0x0000000002180000-0x00000000021DB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4124-140-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4124-141-0x0000000000D50000-0x0000000000DAB000-memory.dmp

    Filesize

    364KB

    Download