Overview

overview

10

Static

static

FastCopy/FastCopy.exe

windows7-x64

6

FastCopy/FastCopy.exe

windows10-2004-x64

6

FastCopy/FastEx64.dll

windows7-x64

10

FastCopy/FastEx64.dll

windows10-2004-x64

10

FastCopy/FastExt.dll

windows7-x64

10

FastCopy/FastExt.dll

windows10-2004-x64

10

FastCopy/FastExt1.dll

windows7-x64

10

FastCopy/FastExt1.dll

windows10-2004-x64

10

FastCopy/FcHash.exe

windows7-x64

1

FastCopy/FcHash.exe

windows10-2004-x64

1

FastCopy/fcp.exe

windows7-x64

6

FastCopy/fcp.exe

windows10-2004-x64

6

FastCopy/setup.exe

windows7-x64

1

FastCopy/setup.exe

windows10-2004-x64

1

FastCopy64...py.exe

windows7-x64

6

FastCopy64...py.exe

windows10-2004-x64

6

FastCopy64...64.dll

windows7-x64

10

FastCopy64...64.dll

windows10-2004-x64

10

FastCopy64...xt.dll

windows7-x64

10

FastCopy64...xt.dll

windows10-2004-x64

10

FastCopy64...t1.dll

windows7-x64

10

FastCopy64...t1.dll

windows10-2004-x64

10

FastCopy64/FcHash.exe

windows7-x64

1

FastCopy64/FcHash.exe

windows10-2004-x64

1

FastCopy64/fcp.exe

windows7-x64

6

FastCopy64/fcp.exe

windows10-2004-x64

6

FastCopy64/setup.exe

windows7-x64

1

FastCopy64/setup.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/11/2022, 13:06 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FastCopy/FastCopy.exe

  • Size

    814KB

  • MD5

    c424a2602a861fa2c8835aedf97d38db

  • SHA1

    33a65d8a65db9af10470f3e258096c10aac5c3eb

  • SHA256

    b0a9db46fb5bec5e17211d8480c249202e95feb4598d930229a75b3d47f3de2c

  • SHA512

    215874d929f60360baf1462b708903c329552eb3fb969ecdcc2f2155024fdb93e9fffd0b3a21490b5b07b84092beeb4e09df61a9c208637d50808319cfe7d983

  • SSDEEP

    24576:6UhG9XdLA2TlZLw0Ct8x6czOzLMHmv5RuTUZ62Zeyol:NOXdXxyQHy8TE62ZA

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FastCopy\FastCopy.exe
    "C:\Users\Admin\AppData\Local\Temp\FastCopy\FastCopy.exe"
    1⤵
    • Checks whether UAC is enabled
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1080

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1080-54-0x00000000758C1000-0x00000000758C3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1080-55-0x00000000749A1000-0x00000000749A3000-memory.dmp

    Filesize

    8KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.