8667c6073c7206aa1b8ca8e1e59f3d2ece73c5b720692057325005bb03b0edf9

Analysis

max time kernel
91s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03/02/2023, 01:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Setup soothe2 v1.1.2.exe
Size

29.3MB
MD5

0158a14c23a8da850a6ee55097662354
SHA1

42a81c184384b1570e3fa38f47366ffe64e418a5
SHA256

d5b6c825e2febc952ac4cc7e9a5977398a545bcc067fa5e9f490b461efb23d37
SHA512

c7e7252ebf2071c5c6052600939319e88a304a81b3f5102d4aa120913f5252f46e86861287c563a515eb4c926a3a13b216fb758985639a77bc35f255917b600b
SSDEEP

786432:qBPNt1Vn5rkfUg2K39kqiCXg8aJmd2V+fJk4pNs:MPvb5L4CJmd2QfJ3pO

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4728	Setup soothe2 v1.1.2.tmp

Loads dropped DLL 5 IoCs

pid	Process
4728	Setup soothe2 v1.1.2.tmp
4728	Setup soothe2 v1.1.2.tmp
4728	Setup soothe2 v1.1.2.tmp
4728	Setup soothe2 v1.1.2.tmp
4728	Setup soothe2 v1.1.2.tmp

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4728	Setup soothe2 v1.1.2.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4760 wrote to memory of 4728	4760	Setup soothe2 v1.1.2.exe	80
PID 4760 wrote to memory of 4728	4760	Setup soothe2 v1.1.2.exe	80
PID 4760 wrote to memory of 4728	4760	Setup soothe2 v1.1.2.exe	80

C:\Users\Admin\AppData\Local\Temp\Setup soothe2 v1.1.2.exe
"C:\Users\Admin\AppData\Local\Temp\Setup soothe2 v1.1.2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4760
- C:\Users\Admin\AppData\Local\Temp\is-G6MQJ.tmp\Setup soothe2 v1.1.2.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-G6MQJ.tmp\Setup soothe2 v1.1.2.tmp" /SL5="$A01C8,30179246,121344,C:\Users\Admin\AppData\Local\Temp\Setup soothe2 v1.1.2.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  PID:4728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-AEHLP.tmp\ISSKINU.DLL

Filesize
357KB

MD5
f30afccd6fafc1cad4567ada824c9358

SHA1
60a65b72f208563f90fba0da6af013a36707caa9

SHA256
e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d

SHA512
59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AEHLP.tmp\ISSKINU.DLL

Filesize
357KB

MD5
f30afccd6fafc1cad4567ada824c9358

SHA1
60a65b72f208563f90fba0da6af013a36707caa9

SHA256
e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d

SHA512
59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AEHLP.tmp\R2RINNO.dll

Filesize
4KB

MD5
0f8bbab51c5f70093b7ed7dd825d68e8

SHA1
a96809560b3e9001124083937a339cf2453a94c8

SHA256
7fc4fa7f5cea34df0a6733527081886cfb1c49b369df2db454de87cc4e70bdb5

SHA512
7b824ad5d7ec786535106d98bc80c9350f35ac2b76d7ee20163e90becf076dfeaca4732c0ecbe2d3d84a2efef337c380d5548ca0123e69e66e30bb396f0b9b81

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AEHLP.tmp\SKIN.CJSTYLES

Filesize
813KB

MD5
5f87caf3f7cf63dde8e6af53bdf31289

SHA1
a2c3cc3d9d831acd797155b667db59a32000d7a8

SHA256
4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940

SHA512
4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-AEHLP.tmp\SKIN.CJSTYLES

Filesize
813KB

MD5
5f87caf3f7cf63dde8e6af53bdf31289

SHA1
a2c3cc3d9d831acd797155b667db59a32000d7a8

SHA256
4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940

SHA512
4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-G6MQJ.tmp\Setup soothe2 v1.1.2.tmp

Filesize
1.1MB

MD5
90fc739c83cd19766acb562c66a7d0e2

SHA1
451f385a53d5fed15e7649e7891e05f231ef549a

SHA256
821bd11693bf4b4b2b9f3c196036e1f4902abd95fb26873ea6c43e123b8c9431

SHA512
4cb11ad48b7585ef1b70fac9e3c25610b2f64a16358cd51e32adcb0b17a6ab1c934aeb10adaa8e9ddf69b2e2f1d18fe2e87b49b39f89b05ea13aa3205e41296c

Download Submit
memory/4728-170-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-175-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-140-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-145-0x0000000077190000-0x000000007720A000-memory.dmp

Filesize
488KB

Download
memory/4728-147-0x0000000077190000-0x000000007720A000-memory.dmp

Filesize
488KB

Download
memory/4728-146-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-148-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-149-0x0000000077190000-0x000000007720A000-memory.dmp

Filesize
488KB

Download
memory/4728-150-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-152-0x0000000075CB0000-0x0000000075CD5000-memory.dmp

Filesize
148KB

Download
memory/4728-151-0x0000000077190000-0x000000007720A000-memory.dmp

Filesize
488KB

Download
memory/4728-153-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-154-0x0000000077190000-0x000000007720A000-memory.dmp

Filesize
488KB

Download
memory/4728-156-0x0000000074640000-0x0000000074670000-memory.dmp

Filesize
192KB

Download
memory/4728-155-0x0000000075CB0000-0x0000000075CD5000-memory.dmp

Filesize
148KB

Download
memory/4728-159-0x0000000075CB0000-0x0000000075CD5000-memory.dmp

Filesize
148KB

Download
memory/4728-157-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-160-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-161-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-158-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-162-0x00000000757A0000-0x0000000075883000-memory.dmp

Filesize
908KB

Download
memory/4728-163-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-164-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-165-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-166-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-167-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-168-0x0000000076500000-0x00000000765DC000-memory.dmp

Filesize
880KB

Download
memory/4728-169-0x00000000757A0000-0x0000000075883000-memory.dmp

Filesize
908KB

Download
memory/4728-172-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-171-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-173-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/4728-142-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-176-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-174-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-177-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-179-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/4728-178-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-180-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-181-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-182-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-183-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-184-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-186-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/4728-187-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-188-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-185-0x0000000075CB0000-0x0000000075CD5000-memory.dmp

Filesize
148KB

Download
memory/4728-189-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-190-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-192-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/4728-193-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-191-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-194-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-195-0x0000000076500000-0x00000000765DC000-memory.dmp

Filesize
880KB

Download
memory/4728-196-0x00000000757A0000-0x0000000075883000-memory.dmp

Filesize
908KB

Download
memory/4728-197-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4728-198-0x00000000765F0000-0x0000000076BA3000-memory.dmp

Filesize
5.7MB

Download
memory/4728-199-0x0000000076170000-0x000000007621F000-memory.dmp

Filesize
700KB

Download
memory/4728-200-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/4728-201-0x0000000074480000-0x00000000745A2000-memory.dmp

Filesize
1.1MB

Download
memory/4728-202-0x00000000032D0000-0x0000000003331000-memory.dmp

Filesize
388KB

Download
memory/4728-203-0x0000000075340000-0x0000000075550000-memory.dmp

Filesize
2.1MB

Download
memory/4760-132-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/4760-134-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/4760-281-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads