Analysis

  • max time kernel
    385s
  • max time network
    1588s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64, arch:x86, image:win10-20230220-es, locale:es-es, os:windows10-1703-x64, system, windows
  • submitted
    04-05-2023 00:33

General

  • Target

    Instalar.exe

  • Size

    139KB

  • MD5

    a280996c6eb6397bc7aff7970e14211c

  • SHA1

    f37523b8153c3bb6913351458f2f31d8cc3d4c63

  • SHA256

    4fb63c0d80c10972a63424a0bc66087166b37aa26ce139c4123b3f09850a46c9

  • SHA512

    0e7edaa7bdb6bfee666514fde792a83b495204b7efc814e5ce8beb133084f1af819f29d73d80d09befbb51e3cbc048ab06c4a702444d528e48b804a6693eede5

  • SSDEEP

    3072:EliUPXC8k1nJrX+fNTBfSl4kZPSF+mTAUMa:EzBkLL2NTB6IjpMa

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Instalar.exe
    "C:\Users\Admin\AppData\Local\Temp\Instalar.exe"
    • Suspicious use of WriteProcessMemory
    PID:4328
    • C:\Windows\System32\cmd.exe
      "C:\Windows\sysnative\cmd.exe" /c "C:\Users\Admin\AppData\Local\Temp\719B.tmp\719C.tmp\719D.bat C:\Users\Admin\AppData\Local\Temp\Instalar.exe"
      PID:2100

Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\Local\Temp\719B.tmp\719C.tmp\719D.bat

    Filesize
    29B

    MD5
    4197c41f89be72d041f3de41f05acea3

    SHA1
    57f8eec257622fca27bc76ac18cc7da0c58f14b4

    SHA256
    a6a978987d15576614fa2ff1b31167096dbb00b64177bd047178b366683d82e3

    SHA512
    cb28c961f22c42a2890b702b2d8d8b3891a917fef3411e8e0cde2e15df3e5751620df54e3c4c4196f78ebd59aeb549948b862b92c838cb493e9b69c6b69f1ede