70f962dd6e6c654b77ceca9edc212918196824a7f17236eeb6d4f318dee8011c

Analysis

max time kernel
65s
max time network
68s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
28-04-2023 10:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

serial_port_monitor.exe
Size

8.3MB
MD5

10514afd514e0a61cf43fbc17414a6e9
SHA1

a3ca346e3cdda0005f251faab937530000e9d127
SHA256

70f962dd6e6c654b77ceca9edc212918196824a7f17236eeb6d4f318dee8011c
SHA512

c32dc2fe3096f481d61a42cdf1d3e22a0a624690303992e0a296c4d3f894ad6bbccc9ca052d3b6a6272ddfcf09a12a9393abcc75cba565d3a8495a0d4a0dfabc
SSDEEP

196608:Mh2r2sJZhEwvUfG79VrKfErivkh96EMTVy6gq2gVmOVWo:MhqvZ6+U8l4rs9oTMtUmOco

Score

7^/10

discovery

Malware Config

Signatures

Checks BIOS information in registry 2 TTPs 2 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

SerialMonitorx64.exeSerialMonitorx64.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	SerialMonitorx64.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	SerialMonitorx64.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 11 IoCs

Processes:

serial_port_monitor.tmp

description	ioc	process
File opened for modification	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\unins000.dat	serial_port_monitor.tmp
File opened for modification	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\is-KI3D3.tmp	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\is-34NHT.tmp	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\unins000.msg	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\is-9MG1M.tmp	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\is-MMEH9.tmp	serial_port_monitor.tmp
File opened for modification	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe	serial_port_monitor.tmp
File opened for modification	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\unins000.dat	serial_port_monitor.tmp
File created	C:\Program Files\Electronic Team, Inc\Serial Port Monitor\is-6NUAK.tmp	serial_port_monitor.tmp

Drops file in Windows directory 3 IoCs

Processes:

SerialMonitorx64.exeSerialMonitor.exeSerialMonitorx64.exe

description	ioc	process
File opened for modification	C:\Windows\INF\setupapi.dev.log	SerialMonitorx64.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	SerialMonitor.exe
File opened for modification	C:\Windows\INF\setupapi.dev.log	SerialMonitorx64.exe

Executes dropped EXE 6 IoCs

Processes:

serial_port_monitor.tmp_setup64.tmpSerialMonitor.exeSerialMonitorx64.exeSerialMonitorx64.exeSerialMonitorx64.exe

pid process

1280 serial_port_monitor.tmp
1472 _setup64.tmp
1812 SerialMonitor.exe
1780 SerialMonitorx64.exe
872 SerialMonitorx64.exe
1560 SerialMonitorx64.exe

pid	process
1280	serial_port_monitor.tmp
1472	_setup64.tmp
1812	SerialMonitor.exe
1780	SerialMonitorx64.exe
872	SerialMonitorx64.exe
1560	SerialMonitorx64.exe

Loads dropped DLL 21 IoCs

Processes:

serial_port_monitor.exeserial_port_monitor.tmpSerialMonitor.exeSerialMonitorx64.exeSerialMonitorx64.exeSerialMonitorx64.exe

pid	process
1740	serial_port_monitor.exe
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp
1368
1368
1368
1368
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp
1812	SerialMonitor.exe
1812	SerialMonitor.exe
1280	serial_port_monitor.tmp
1780	SerialMonitorx64.exe
1280	serial_port_monitor.tmp
1368
872	SerialMonitorx64.exe
1368
1560	SerialMonitorx64.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 11 IoCs

Processes:

serial_port_monitor.tmp

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.spm	serial_port_monitor.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.spm\ = "ElectronicTeam.SerialPortMonitor"	serial_port_monitor.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor	serial_port_monitor.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\DefaultIcon\ = "C:\\Program Files\\Electronic Team, Inc\\Serial Port Monitor\\SerialMonitorx64.exe"	serial_port_monitor.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\Shell\ = "open"	serial_port_monitor.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\ = "Serial Port Monitor session"	serial_port_monitor.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\DefaultIcon	serial_port_monitor.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\Shell	serial_port_monitor.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\Shell\Open\Command	serial_port_monitor.tmp
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\Shell\Open	serial_port_monitor.tmp
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ElectronicTeam.SerialPortMonitor\Shell\Open\Command\ = "\"C:\\Program Files\\Electronic Team, Inc\\Serial Port Monitor\\SerialMonitorx64.exe\" /Open \"%1\" A-"	serial_port_monitor.tmp

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

serial_port_monitor.tmp

pid process

1280 serial_port_monitor.tmp
1280 serial_port_monitor.tmp
Suspicious behavior: LoadsDriver 4 IoCs

Processes:

pid process

468
468
468
468
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

serial_port_monitor.tmp

pid process

1280 serial_port_monitor.tmp
Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

SerialMonitor.exeSerialMonitorx64.exeSerialMonitorx64.exe

pid process

1812 SerialMonitor.exe
1780 SerialMonitorx64.exe
1560 SerialMonitorx64.exe

pid	process
1280	serial_port_monitor.tmp
1280	serial_port_monitor.tmp

pid	process
468
468
468
468

pid	process
1280	serial_port_monitor.tmp

pid	process
1812	SerialMonitor.exe
1780	SerialMonitorx64.exe
1560	SerialMonitorx64.exe

Suspicious use of WriteProcessMemory 27 IoCs

Processes:

serial_port_monitor.exeserial_port_monitor.tmp

description	pid	process	target process
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1740 wrote to memory of 1280	1740	serial_port_monitor.exe	serial_port_monitor.tmp
PID 1280 wrote to memory of 1472	1280	serial_port_monitor.tmp	_setup64.tmp
PID 1280 wrote to memory of 1472	1280	serial_port_monitor.tmp	_setup64.tmp
PID 1280 wrote to memory of 1472	1280	serial_port_monitor.tmp	_setup64.tmp
PID 1280 wrote to memory of 1472	1280	serial_port_monitor.tmp	_setup64.tmp
PID 1280 wrote to memory of 1156	1280	serial_port_monitor.tmp	reg.exe
PID 1280 wrote to memory of 1156	1280	serial_port_monitor.tmp	reg.exe
PID 1280 wrote to memory of 1156	1280	serial_port_monitor.tmp	reg.exe
PID 1280 wrote to memory of 1156	1280	serial_port_monitor.tmp	reg.exe
PID 1280 wrote to memory of 1812	1280	serial_port_monitor.tmp	SerialMonitor.exe
PID 1280 wrote to memory of 1812	1280	serial_port_monitor.tmp	SerialMonitor.exe
PID 1280 wrote to memory of 1812	1280	serial_port_monitor.tmp	SerialMonitor.exe
PID 1280 wrote to memory of 1812	1280	serial_port_monitor.tmp	SerialMonitor.exe
PID 1280 wrote to memory of 1780	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 1780	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 1780	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 1780	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 872	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 872	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 872	1280	serial_port_monitor.tmp	SerialMonitorx64.exe
PID 1280 wrote to memory of 872	1280	serial_port_monitor.tmp	SerialMonitorx64.exe

C:\Users\Admin\AppData\Local\Temp\serial_port_monitor.exe
"C:\Users\Admin\AppData\Local\Temp\serial_port_monitor.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1740

C:\Users\Admin\AppData\Local\Temp\is-HK2T2.tmp\serial_port_monitor.tmp
"C:\Users\Admin\AppData\Local\Temp\is-HK2T2.tmp\serial_port_monitor.tmp" /SL5="$70126,8146507,121344,C:\Users\Admin\AppData\Local\Temp\serial_port_monitor.exe"
2⤵
- Drops file in Program Files directory
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1280

C:\Users\Admin\AppData\Local\Temp\is-FMFM0.tmp\_isetup\_setup64.tmp
helper 105 0x1F8
3⤵
- Executes dropped EXE
PID:1472

C:\Windows\system32\reg.exe
"reg" copy "HKEY_LOCAL_MACHINE\SOFTWARE\ELTIMA Software\SerialMonitor" "HKEY_LOCAL_MACHINE\SOFTWARE\Electronic Team\SerialMonitor" /s /f
3⤵
PID:1156

C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe
"C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe" /install
3⤵
- Drops file in Windows directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1812

C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
"C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe" /install
3⤵
- Drops file in Windows directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1780

C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
"C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe"
3⤵
- Checks BIOS information in registry
- Executes dropped EXE
- Loads dropped DLL
PID:872

C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
"C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe"
1⤵
- Checks BIOS information in registry
- Drops file in Windows directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1560

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe
Filesize
7.7MB

MD5
c74ea38afcf5231bf36161552efdddd5

SHA1
f75b29cea68022fd36599320bd84c30b5744e0ce

SHA256
c15c87d9806bc339a74a7cd80a643eb77e3c55ce90ad18cc79e9f28d4d21d52e

SHA512
057bcfad8c18f32a270fe296171237aaf2a98be8bdb45577f303f6d167eda664b5f0d2313310f7fe034a04b81bb73c6805baa2cbc204bc80202cf78cb024e938

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe
Filesize
7.7MB

MD5
c74ea38afcf5231bf36161552efdddd5

SHA1
f75b29cea68022fd36599320bd84c30b5744e0ce

SHA256
c15c87d9806bc339a74a7cd80a643eb77e3c55ce90ad18cc79e9f28d4d21d52e

SHA512
057bcfad8c18f32a270fe296171237aaf2a98be8bdb45577f303f6d167eda664b5f0d2313310f7fe034a04b81bb73c6805baa2cbc204bc80202cf78cb024e938

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
C:\Program Files\Electronic Team, Inc\Serial Port Monitor\unins000.exe
Filesize
1.1MB

MD5
9bf9c92b989f325efe8ecfc19588c28a

SHA1
1ffb366ca42f8589753b2e7d3f906be61eb0c375

SHA256
8ab250bbbe2c4e5a9aaa767e767b53da3cb581d1e45582b3e65f1e1ef62356ea

SHA512
770e4be2178b07231221ddb8457c71648fcc21bf82c36f0c1a30788c87cb82a0195639b639e4aa6669bbc625d30a5a915146f14756d8b38959dda900fec5f831

Download Submit
C:\ProgramData\AutoUpdate\SerialMonitorx64.exe\Settings.xml
Filesize
774B

MD5
887dda3ea8c5e07014e6491295900205

SHA1
b933aac87da38422293e4294feb8bdd571e1d511

SHA256
fdf54b88ebc6bd25772d7f3db6c20132edd98eb050f9911bdc226ea5c64cdcd6

SHA512
a7b91c2643f5748de21557750765970c71ecb7e193adfe189dd86fdb36258bb766c6f0a2fa671d7e5b64f8d8a72b7e8302e9cf0de9e8c2fe8b2485340b6ceabd

Download Submit
C:\ProgramData\AutoUpdate\SerialMonitorx64.exe\SkippedVersions.xml
Filesize
60B

MD5
35e1ba488afb8750e88202c2725276c7

SHA1
542113bc9038aaf39ae80026d732b3bdbe10db37

SHA256
362b352cab09d9ab37d5558e8283652e747be017369d05b5a517a61765ccaf34

SHA512
bb72bafd23d82be55fad592fefcb367b128b8d2ac4ebb706af093b5d1b8513d4bcb4b25c2b088f6e025e550f0944edd972fb6d0f0c4c57bc119e66bbb653b4b0

Download Submit
C:\ProgramData\AutoUpdate\SerialMonitorx64.exe\Statistics.xml
Filesize
55B

MD5
6f4a6f22eb4e1d9c0af83b8e413e88b8

SHA1
aae506ed4366c5490c6acd9f7a466f135111d743

SHA256
7f21b4b275cf9d504c05ad6eb3b0cd26e499980d0dba4e52cfc09bd838c1871b

SHA512
e7b8a572ba0aacc00ad98517ad1fd84bf30cd09f3ebd3ed66b13bcba24dc95833a537e3b2d8ed9bd4387187aedec20dd14e0da03dc2c598705992e669bd4fa8b

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDE03.tmp
Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDE92.tmp
Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-FMFM0.tmp\_isetup\_setup64.tmp
Filesize
6KB

MD5
e4211d6d009757c078a9fac7ff4f03d4

SHA1
019cd56ba687d39d12d4b13991c9a42ea6ba03da

SHA256
388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95

SHA512
17257f15d843e88bb78adcfb48184b8ce22109cc2c99e709432728a392afae7b808ed32289ba397207172de990a354f15c2459b6797317da8ea18b040c85787e

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-HK2T2.tmp\serial_port_monitor.tmp
Filesize
1.1MB

MD5
9bf9c92b989f325efe8ecfc19588c28a

SHA1
1ffb366ca42f8589753b2e7d3f906be61eb0c375

SHA256
8ab250bbbe2c4e5a9aaa767e767b53da3cb581d1e45582b3e65f1e1ef62356ea

SHA512
770e4be2178b07231221ddb8457c71648fcc21bf82c36f0c1a30788c87cb82a0195639b639e4aa6669bbc625d30a5a915146f14756d8b38959dda900fec5f831

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-HK2T2.tmp\serial_port_monitor.tmp
Filesize
1.1MB

MD5
9bf9c92b989f325efe8ecfc19588c28a

SHA1
1ffb366ca42f8589753b2e7d3f906be61eb0c375

SHA256
8ab250bbbe2c4e5a9aaa767e767b53da3cb581d1e45582b3e65f1e1ef62356ea

SHA512
770e4be2178b07231221ddb8457c71648fcc21bf82c36f0c1a30788c87cb82a0195639b639e4aa6669bbc625d30a5a915146f14756d8b38959dda900fec5f831

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\AutoUpdate.dll
Filesize
2.9MB

MD5
2241e314d7bf2081a61260d45744ae28

SHA1
d5213619f5fe63be2c9b6736ca66209871de110a

SHA256
c1d1a6ad4477038f44d5ae1c49583f2b4f73b80e69adb904d78afc34241055c3

SHA512
89e664e8961b9908734560aae7f3ea1c994116175e7770fc25ac0af846c795df56a0e16bc8313d038052de1e08663e414498e1e5b5d357c7b65c9ad1d7b5c4e4

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe
Filesize
7.7MB

MD5
c74ea38afcf5231bf36161552efdddd5

SHA1
f75b29cea68022fd36599320bd84c30b5744e0ce

SHA256
c15c87d9806bc339a74a7cd80a643eb77e3c55ce90ad18cc79e9f28d4d21d52e

SHA512
057bcfad8c18f32a270fe296171237aaf2a98be8bdb45577f303f6d167eda664b5f0d2313310f7fe034a04b81bb73c6805baa2cbc204bc80202cf78cb024e938

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitor.exe
Filesize
7.7MB

MD5
c74ea38afcf5231bf36161552efdddd5

SHA1
f75b29cea68022fd36599320bd84c30b5744e0ce

SHA256
c15c87d9806bc339a74a7cd80a643eb77e3c55ce90ad18cc79e9f28d4d21d52e

SHA512
057bcfad8c18f32a270fe296171237aaf2a98be8bdb45577f303f6d167eda664b5f0d2313310f7fe034a04b81bb73c6805baa2cbc204bc80202cf78cb024e938

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\SerialMonitorx64.exe
Filesize
10.2MB

MD5
4aca4689bd0619c79e41b462fde2cb47

SHA1
af75a5f058111c803a7bdc14f702f287f6b327fc

SHA256
7aaffabde1305d5717f1ea16f7f3937822c2ce50628848f1049df9fdef526d41

SHA512
5e14544bbe83e42150693a4dac80cf6cef514cf858a8839e23ed086dad801fa1106ec28ffeab1b0837381daeb1fbbdcc184d1a712ac9cf9b404846f580732684

Download Submit
\Program Files\Electronic Team, Inc\Serial Port Monitor\unins000.exe
Filesize
1.1MB

MD5
9bf9c92b989f325efe8ecfc19588c28a

SHA1
1ffb366ca42f8589753b2e7d3f906be61eb0c375

SHA256
8ab250bbbe2c4e5a9aaa767e767b53da3cb581d1e45582b3e65f1e1ef62356ea

SHA512
770e4be2178b07231221ddb8457c71648fcc21bf82c36f0c1a30788c87cb82a0195639b639e4aa6669bbc625d30a5a915146f14756d8b38959dda900fec5f831

Download Submit
\Users\Admin\AppData\Local\Temp\is-FMFM0.tmp\_isetup\_setup64.tmp
Filesize
6KB

MD5
e4211d6d009757c078a9fac7ff4f03d4

SHA1
019cd56ba687d39d12d4b13991c9a42ea6ba03da

SHA256
388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95

SHA512
17257f15d843e88bb78adcfb48184b8ce22109cc2c99e709432728a392afae7b808ed32289ba397207172de990a354f15c2459b6797317da8ea18b040c85787e

Download Submit
\Users\Admin\AppData\Local\Temp\is-FMFM0.tmp\reset.dll
Filesize
90KB

MD5
5ea9495a552ba2ac9425f1946c5dc09d

SHA1
25ab84c5d746c5cea123fb5c7ee03c5ea764ac64

SHA256
64b0526e3fd0435d9093925839130f49445474b100eabb042c2427f66316d9c9

SHA512
0e4e31f81944ffd71a6211f61ed77f28f50807608817396b0c7d99d35f3ad6be8085f5026446b65e5bfd78ed39fd45d5fe862fd539bb549e7289ce7d100c4ddd

Download Submit
\Users\Admin\AppData\Local\Temp\is-HK2T2.tmp\serial_port_monitor.tmp
Filesize
1.1MB

MD5
9bf9c92b989f325efe8ecfc19588c28a

SHA1
1ffb366ca42f8589753b2e7d3f906be61eb0c375

SHA256
8ab250bbbe2c4e5a9aaa767e767b53da3cb581d1e45582b3e65f1e1ef62356ea

SHA512
770e4be2178b07231221ddb8457c71648fcc21bf82c36f0c1a30788c87cb82a0195639b639e4aa6669bbc625d30a5a915146f14756d8b38959dda900fec5f831

Download Submit
memory/1280-69-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/1280-138-0x0000000000400000-0x000000000052D000-memory.dmp

Filesize
1.2MB

Download
memory/1280-124-0x0000000000400000-0x000000000052D000-memory.dmp

Filesize
1.2MB

Download
memory/1280-61-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/1280-71-0x0000000000400000-0x000000000052D000-memory.dmp

Filesize
1.2MB

Download
memory/1280-68-0x0000000000400000-0x000000000052D000-memory.dmp

Filesize
1.2MB

Download
memory/1740-139-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1740-54-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1740-67-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads