Overview

overview

8

Static

static

666b962d58...28.exe

windows7-x64

8

666b962d58...28.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    302s
  • max time network
    415s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/11/2022, 22:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    666b962d58f60e8a6cb0a225c4ff33a030ff4a492a562d9cb1cca8f2bb337928.exe

  • Size

    204KB

  • MD5

    437a36dc1e168dd9a91e2a912fce4420

  • SHA1

    65c923be30646a5ae8dcebea20da1d77661cf258

  • SHA256

    666b962d58f60e8a6cb0a225c4ff33a030ff4a492a562d9cb1cca8f2bb337928

  • SHA512

    13f0a98cac80ed2a64ca310e66215afb8e2d80f5ec1a452a99f0f4291b8710ea37b878ddf5e777a9109c82e128d58461b1b29ca2f56eafedfe155732946605c0

  • SSDEEP

    3072:n4CgNgTsDAJJRjOmh4JUABuENeXkm6cANLFZhh2D+0caj3kyRACh4:n4CgCJJnyyABu+QHANn9ozq

Score
8/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\666b962d58f60e8a6cb0a225c4ff33a030ff4a492a562d9cb1cca8f2bb337928.exe
    "C:\Users\Admin\AppData\Local\Temp\666b962d58f60e8a6cb0a225c4ff33a030ff4a492a562d9cb1cca8f2bb337928.exe"
    1⤵
    • Drops file in Program Files directory
    PID:404
  • C:\PROGRA~3\Mozilla\eggislc.exe
    C:\PROGRA~3\Mozilla\eggislc.exe -voxrjvd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3340

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\eggislc.exe
    Filesize

    204KB

    MD5

    7382ec1006320f905de3def0d3d6b9e0

    SHA1

    12cee12311d94d00a9705aa60b7b5b9bae454294

    SHA256

    c521be3c68811d0780ca24a8790e57e08f8fb22f32026c8887fb493ac80d89ea

    SHA512

    2b233a1f1e6d074510a5a6872fae52709c79f52bd0890d59b9489d7ecb48cfa8edf7ac3c33a2acdc9c834336e576f511e6c5dc823e98781c9f3880ebc421625c

    Download Submit

  • C:\ProgramData\Mozilla\eggislc.exe
    Filesize

    204KB

    MD5

    7382ec1006320f905de3def0d3d6b9e0

    SHA1

    12cee12311d94d00a9705aa60b7b5b9bae454294

    SHA256

    c521be3c68811d0780ca24a8790e57e08f8fb22f32026c8887fb493ac80d89ea

    SHA512

    2b233a1f1e6d074510a5a6872fae52709c79f52bd0890d59b9489d7ecb48cfa8edf7ac3c33a2acdc9c834336e576f511e6c5dc823e98781c9f3880ebc421625c

    Download Submit

  • memory/404-133-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/404-134-0x0000000002220000-0x000000000227B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/404-135-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/404-136-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/404-137-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/404-142-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3340-140-0x0000000000720000-0x000000000077B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3340-141-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3340-143-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download