Overview

overview

10

Static

static

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    46s
  • max time network
    58s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2022, 10:18 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup.exe

  • Size

    743.9MB

  • MD5

    bf8b03a867ada1f6ce71fb0234797eed

  • SHA1

    5f2baa0f711de5fdff12d2bd41455aa8a21706e4

  • SHA256

    1df26d725e27638fdb64cc5c9295af5000bf8a6eddf4b5e8bda3d405306e4efd

  • SHA512

    a39251c92bb61b8041fb2f42153f77cf8c517020cc20255de18754e45f09f021b84f893a7f63687d4669ccf737df4dadd4d993566b00bc8ec4fe04d5472d9ca2

  • SSDEEP

    49152:5GTvQrvJ881wXZKJsbWNYIkssb7Iorsrpk47YbA:5G0jJ88OTKhors1p7k

Score
10/10
fickerstealerinfostealerspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
    1⤵
      PID:1088
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:1712
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x578
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1696

      Network

        No results found
      • 91.240.118.51:80
        http
        Setup.exe
        1.2kB
         924 B
         21
        20
      • 91.240.118.51:80
        http
        Setup.exe
        853 B
         21.6kB
         18
        24
      No results found

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1088-54-0x0000000074D61000-0x0000000074D63000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1088-55-0x00000000036E0000-0x0000000003B1E000-memory.dmp

        Filesize

        4.2MB

        Download

      • memory/1088-56-0x0000000000400000-0x00000000008E9000-memory.dmp

        Filesize

        4.9MB

        Download

      • memory/1088-57-0x0000000000400000-0x00000000008E9000-memory.dmp

        Filesize

        4.9MB

        Download

      • memory/1712-58-0x000007FEFB801000-0x000007FEFB803000-memory.dmp

        Filesize

        8KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.