Overview

overview

8

Static

static

Setup_Topf...au.exe

windows7-x64

8

Setup_Topf...au.exe

windows10-2004-x64

8

Resubmissions

22-11-2022 13:27

221122-qp9axshe3z 8

22-11-2022 13:20

221122-qlc4badh28 8

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-11-2022 13:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup_Topfpflanzenbau.exe

  • Size

    3.1MB

  • MD5

    e9a062d4f24c2c003ef66bbf1cb4b748

  • SHA1

    030bccea94af099c807b81adc8db7596562c321e

  • SHA256

    44ddc246d89d715c0a28d404f2907cf3cd655265f02fd9e29bdcd9d6c438791b

  • SHA512

    71a6dde852314e2fdae1799b6ed253e4f7a43b25c9c4af591013a23adf0bb4908f23f9227e0fd152d2c3217f132cd0d5786c4418ea8af5de9f51c8e9a7c47a8e

  • SSDEEP

    98304:foA1JJs+NmfqbKLOEyJzgijYU/vuQ2H+a7:g2u+NBbbJzjYU/jM+6

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup_Topfpflanzenbau.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup_Topfpflanzenbau.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4336
    • C:\Users\Admin\AppData\Local\Temp\is-OP4DM.tmp\Setup_Topfpflanzenbau.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-OP4DM.tmp\Setup_Topfpflanzenbau.tmp" /SL5="$801E2,3031278,67072,C:\Users\Admin\AppData\Local\Temp\Setup_Topfpflanzenbau.exe"
      2⤵
      • Executes dropped EXE
      PID:4724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-OP4DM.tmp\Setup_Topfpflanzenbau.tmp
    Filesize

    701KB

    MD5

    49f873e8f3e7625a819905c0aeaa159b

    SHA1

    7bbda62db5e7c881f1198a4a27812f1d95040610

    SHA256

    fcf3ae70e68aebe43d11264071f9ec1ad0222cb99aea777abe33942a227b23f5

    SHA512

    194672abebef9fa21edcf4df20110b8027ce01b50775db47d824ea81e28d90cf3bad672df80ea1001c35c189e65c309e9dbbdfc6ce87579fb1d3e810b7911988

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\is-OP4DM.tmp\Setup_Topfpflanzenbau.tmp
    Filesize

    701KB

    MD5

    49f873e8f3e7625a819905c0aeaa159b

    SHA1

    7bbda62db5e7c881f1198a4a27812f1d95040610

    SHA256

    fcf3ae70e68aebe43d11264071f9ec1ad0222cb99aea777abe33942a227b23f5

    SHA512

    194672abebef9fa21edcf4df20110b8027ce01b50775db47d824ea81e28d90cf3bad672df80ea1001c35c189e65c309e9dbbdfc6ce87579fb1d3e810b7911988

    Download Submit
  • memory/4336-132-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download
  • memory/4336-137-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download
  • memory/4724-134-0x0000000000000000-mapping.dmp
    Download