Overview

overview

7

Static

static

1

Bitsum Pro...4.4.7z

windows10-2004-x64

3

BOA.zip

windows10-2004-x64

1

Activator.exe

windows10-2004-x64

3

History.txt

windows10-2004-x64

1

Readme.txt

windows10-2004-x64

1

BOP113.zip

windows10-2004-x64

1

Follow us ...ff.url

windows10-2004-x64

1

Follow us ...yz.txt

windows10-2004-x64

1

Follow us ...nk.url

windows10-2004-x64

1

Follow us ...yz.url

windows10-2004-x64

1

Follow us ...go.png

windows10-2004-x64

3

Follow us ...AQ.jpg

windows10-2004-x64

3

Follow us ...LG.png

windows10-2004-x64

3

Follow us ...rs.txt

windows10-2004-x64

1

processlas...32.exe

windows10-2004-x64

7

processlas...64.exe

windows10-2004-x64

7

Resubmissions

20/04/2023, 20:19

230420-y33pascb55 3

20/04/2023, 20:17

230420-y278dseb2z 7

Analysis

  • max time kernel
    502s
  • max time network
    507s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/04/2023, 20:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    processlassosetup32.exe

  • Size

    2.3MB

  • MD5

    cbda3e6df1afd18bdeb3872bda700c73

  • SHA1

    3bd1b5829228b1193f4c8b504ae6c6517e4d396c

  • SHA256

    44f66a745e9d4aa444df791036d2c9ebfbafbee798be33fe2d13d0a80cb697c0

  • SHA512

    1ca0a30b9bc6be3089dd5cc47a72a1daa10147a7f6dbb75f06c880f4aa3bf2be1cf891d133654d15593ebbb23fe51860ce085edd0586ea0cf09eadefab762ecd

  • SSDEEP

    49152:Nt11gVx+ETRhhn6lfM1ca/pT88KYu+rgVesjj6SpGp7vW:TgVdhB69du18VAgeSm6

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\processlassosetup32.exe
    "C:\Users\Admin\AppData\Local\Temp\processlassosetup32.exe"
    1⤵
    • Loads dropped DLL
    PID:2312

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsv7E2F.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    ab1db56369412fe8476fefffd11e4cc0

    SHA1

    daad036a83b2ee2fa86d840a34a341100552e723

    SHA256

    6f14c8f01f50a30743dac68c5ac813451463dfb427eb4e35fcdfe2410e1a913b

    SHA512

    8d886643b4fc24adf78f76b663227d6e61863f89e0cbd49548f40dd040666ca94ea46bec9e336850e4f300995d56e6dc85b689c8e09ff46758822d280f06b03d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsv7E2F.tmp\System.dll
    Filesize

    12KB

    MD5

    0d7ad4f45dc6f5aa87f606d0331c6901

    SHA1

    48df0911f0484cbe2a8cdd5362140b63c41ee457

    SHA256

    3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    SHA512

    c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    Download Submit