Overview

overview

8

Static

static

7f27239032...34.exe

windows7-x64

8

7f27239032...34.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    141s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-12-2022 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7f2723903225a8d9b9f029527f0834bd93b2c02a900fbdc53f0bd1d92c43c734.exe

  • Size

    254KB

  • MD5

    1789fb9affd749ba1bfb12526f396c90

  • SHA1

    1c76a3cc965fb1c23357f68ca45d2bc25cf19ea1

  • SHA256

    7f2723903225a8d9b9f029527f0834bd93b2c02a900fbdc53f0bd1d92c43c734

  • SHA512

    1315f653cadeaa7650c8c73450f54f8af6be805c7daeabc70d3fafe47f022acf3fc2333761efd1fb883167a2c119d08a69f18d122a45c2afca53157f394ee4d2

  • SSDEEP

    6144:USH4NMEb+Or4GO30OZ98XdIPxXnlw/xfnj5htL:USH9Eb+E4hRZ98XdoJ4j5hJ

Score
8/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7f2723903225a8d9b9f029527f0834bd93b2c02a900fbdc53f0bd1d92c43c734.exe
    "C:\Users\Admin\AppData\Local\Temp\7f2723903225a8d9b9f029527f0834bd93b2c02a900fbdc53f0bd1d92c43c734.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2400
  • C:\PROGRA~3\Mozilla\znblaln.exe
    C:\PROGRA~3\Mozilla\znblaln.exe -irlyaih
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:5008

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\znblaln.exe
    Filesize

    254KB

    MD5

    cab92344a733b22d13506787e7d7f67b

    SHA1

    0617d26603c26671d255fcbfb128425d06ca80ff

    SHA256

    68b60df330eb78ce88e5c22351457d6dd9dfbb51eca8088bbcd0bc5a1b91e3b8

    SHA512

    a49f9c5560145a99d1b043069b3a6f42a9d27247c8e2ee1f3dc0f478df9661f88d885e364e0128c03ce72213864fb71b6afd0ead9cead3897f3435c4b1513c1f

    Download Submit

  • C:\ProgramData\Mozilla\znblaln.exe
    Filesize

    254KB

    MD5

    cab92344a733b22d13506787e7d7f67b

    SHA1

    0617d26603c26671d255fcbfb128425d06ca80ff

    SHA256

    68b60df330eb78ce88e5c22351457d6dd9dfbb51eca8088bbcd0bc5a1b91e3b8

    SHA512

    a49f9c5560145a99d1b043069b3a6f42a9d27247c8e2ee1f3dc0f478df9661f88d885e364e0128c03ce72213864fb71b6afd0ead9cead3897f3435c4b1513c1f

    Download Submit

  • memory/2400-132-0x0000000000610000-0x000000000066B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2400-133-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2400-136-0x0000000000610000-0x000000000066B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2400-137-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5008-138-0x0000000000670000-0x00000000006CB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5008-139-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5008-140-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download