Overview

overview

7

Static

static

1

tsetup-x64.4.6.2.exe

windows7-x64

7

tsetup-x64.4.6.2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-02-2023 21:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tsetup-x64.4.6.2.exe

  • Size

    38.6MB

  • MD5

    d7baf876e62d3adda58eec2db6a5da07

  • SHA1

    23de816b2838ae25207f136343e6bf47e0d3f040

  • SHA256

    ca7d6968ce2e44b7bde709ea5a8aef2752984999db28da37b538631f2945468a

  • SHA512

    44c2691cee18e2acb57fda45ca4bef82769a2e6b24d8634cb41d39624c969628eaf4c08d5c0e3161dd1d722bb78448a2b88c36a6f5c164f8945a723ba25197e1

  • SSDEEP

    786432:OzkK/qXQxBVXBBq6Lpma9vUPywWnLQb+Pnl7RDnz0JzLz:t8oGBVf/ppYPonl7V0JzLz

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.6.2.exe
    "C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.6.2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4624
    • C:\Users\Admin\AppData\Local\Temp\is-719DN.tmp\tsetup-x64.4.6.2.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-719DN.tmp\tsetup-x64.4.6.2.tmp" /SL5="$9006C,39537747,814592,C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.6.2.exe"
      2⤵
      • Executes dropped EXE
      PID:4564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-719DN.tmp\tsetup-x64.4.6.2.tmp
    Filesize

    3.0MB

    MD5

    e9e523ee729711ed8a4ecc164af0eb1d

    SHA1

    6448050c2d615201c541724a3b5ba7a3ef0b839d

    SHA256

    e068c14cd9fc95477a5d3ca52a0ca4d51aa3817937d2cc46f326d25ea8106e12

    SHA512

    f40404f90f89d917b2c1a267c8f0e5b4c489ede2ded543091e081319653e17c1293777f1cc80af384e8bf94bc7e79bfd5994a3f5de3dbb6742d4e99fdb1ef8ed

    Download Submit

  • memory/4624-132-0x0000000000400000-0x00000000004D4000-memory.dmp

    Filesize

    848KB

    Download

  • memory/4624-134-0x0000000000400000-0x00000000004D4000-memory.dmp

    Filesize

    848KB

    Download

  • memory/4624-135-0x0000000000400000-0x00000000004D4000-memory.dmp

    Filesize

    848KB

    Download