Overview

overview

8

Static

static

8d2e3d6456...57.exe

windows7-x64

8

8d2e3d6456...57.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    186s
  • max time network
    215s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/12/2022, 12:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8d2e3d6456edb5485e60c3f9fdddc0f28c6272c34731a2f6c1e567e91e43da57.exe

  • Size

    349KB

  • MD5

    1cfa3c47d4229bfbcbc9d53050963c20

  • SHA1

    44267bb591d7c9456f36b4c606357de916c93bd9

  • SHA256

    8d2e3d6456edb5485e60c3f9fdddc0f28c6272c34731a2f6c1e567e91e43da57

  • SHA512

    59bbfebd3bae00b818dd0de0c0d0bd87ee3964322741bc987406f45ec13ff64cfb05896dd7b56286d5ad80c6575a6aaddbb2e9683140cf505411a3c5753b5001

  • SSDEEP

    6144:Xxh9XRXLl2KfDWuIQ0MHcQlZLWtm7V2HdPP88gZuCAk6gH+Z96BGvFVj8ileMq+r:hh9XJan5QlkE7VeP88iR+iM6BG9tEMkE

Score
8/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d2e3d6456edb5485e60c3f9fdddc0f28c6272c34731a2f6c1e567e91e43da57.exe
    "C:\Users\Admin\AppData\Local\Temp\8d2e3d6456edb5485e60c3f9fdddc0f28c6272c34731a2f6c1e567e91e43da57.exe"
    1⤵
    • Drops file in Program Files directory
    PID:748
  • C:\PROGRA~3\Mozilla\wlgmldg.exe
    C:\PROGRA~3\Mozilla\wlgmldg.exe -tefqmxb
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1452

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\wlgmldg.exe
          Filesize

          349KB

          MD5

          f676d42491815000dfd84afa6a97af88

          SHA1

          fa03b7f94624405324992817e6946c8f9dc7faf4

          SHA256

          c411c139624127c2762e862a1f59ccf88b0b18a960e78096944af87a831af105

          SHA512

          f4b0514edb3019c3582a7cf403ad1563570fce6d86e155be40c31acfa42deb0f5fcf9f5dec31c0168b44cf828cdbb7a510444e36f064bd1d68087eb5af8eddfa

          Download Submit

        • C:\ProgramData\Mozilla\wlgmldg.exe
          Filesize

          349KB

          MD5

          f676d42491815000dfd84afa6a97af88

          SHA1

          fa03b7f94624405324992817e6946c8f9dc7faf4

          SHA256

          c411c139624127c2762e862a1f59ccf88b0b18a960e78096944af87a831af105

          SHA512

          f4b0514edb3019c3582a7cf403ad1563570fce6d86e155be40c31acfa42deb0f5fcf9f5dec31c0168b44cf828cdbb7a510444e36f064bd1d68087eb5af8eddfa

          Download Submit

        • memory/748-132-0x0000000000400000-0x0000000000425000-memory.dmp

          Filesize

          148KB

          Download

        • memory/748-133-0x00000000025A0000-0x00000000025FB000-memory.dmp

          Filesize

          364KB

          Download

        • memory/1452-140-0x0000000000400000-0x0000000000425000-memory.dmp

          Filesize

          148KB

          Download

        • memory/1452-141-0x0000000000670000-0x00000000006CB000-memory.dmp

          Filesize

          364KB

          Download