Overview

overview

7

Static

static

3

MSCUSetup.exe

windows7-x64

7

MSCUSetup.exe

windows10-2004-x64

7

Resubmissions

21/05/2023, 08:51

230521-ksjlsabg9w 7

20/05/2023, 15:17

230520-sn192ada58 7

Analysis

  • max time kernel
    150s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/05/2023, 15:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MSCUSetup.exe

  • Size

    16.9MB

  • MD5

    04588356774cdb58119f9228ce8da2f6

  • SHA1

    f54e870cd345708ea32baa7bdb85679987552117

  • SHA256

    3ff7e61c6dd81be365d0f573f264f7e4a9ce736e17a6f8b978bc680761f6b702

  • SHA512

    5d0a2fa8b73f93dbfc89eb2064705752321d201298fc2247fd562b27e6710b6921a9abba52516f1e61402859af523ae035b852e6f88f308ce6bd643e2929841f

  • SSDEEP

    196608:/d6gM4aqPWt7vGN+SwBnZCd2rI2DUcagDFR83nhT26if4fUdq1qAAhk7CIdpFRPo:gRqPWY+S6kUWtmFK3nGf4am3FRrab

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MSCUSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\MSCUSetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Users\Admin\AppData\Local\Temp\is-G4RR5.tmp\MSCUSetup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-G4RR5.tmp\MSCUSetup.tmp" /SL5="$601C0,16334613,786432,C:\Users\Admin\AppData\Local\Temp\MSCUSetup.exe"
      2⤵
      • Executes dropped EXE
      PID:1544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-G4RR5.tmp\MSCUSetup.tmp
    Filesize

    3.0MB

    MD5

    ec693cd4b8039ab8a9c07e58b6052cfe

    SHA1

    b0e0521e74114a92a00fca0669495db7179ce121

    SHA256

    a9580614ec40930ab0a188b1a0cf978fb02eea3d938df1d539c424ead3b52c4a

    SHA512

    42c1079e22c4b067a030553797f4c06c9705a1b332571e8ffe1ce7f21514314959d9943879a7c10292e98dce69b5c99404ed62319c07a00661053e96d68b001f

    Download Submit

  • memory/1304-133-0x0000000000400000-0x00000000004CD000-memory.dmp

    Filesize

    820KB

    Download

  • memory/1304-140-0x0000000000400000-0x00000000004CD000-memory.dmp

    Filesize

    820KB

    Download

  • memory/1544-139-0x0000000000D10000-0x0000000000D11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1544-141-0x0000000000400000-0x0000000000708000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/1544-142-0x0000000000D10000-0x0000000000D11000-memory.dmp

    Filesize

    4KB

    Download