Overview

overview

6

Static

static

1

AppInstaller 11.6.exe

windows7-x64

1

AppInstaller 11.6.exe

windows10-2004-x64

6

Resubmissions

04/07/2023, 04:52

230704-fhwq5sbb42 6

04/07/2023, 04:45

230704-fds5fsbb28 6

Analysis

  • max time kernel
    8s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/07/2023, 04:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AppInstaller 11.6.exe

  • Size

    20.0MB

  • MD5

    bc4915dd472d41ab5aa5bb7d64a6be86

  • SHA1

    f5892a4ea271ed22c391efe41473211165db2b70

  • SHA256

    1c7dfa1e4b1ab71105b75c8a75af52317e901f7160e28765303da7f7988fa8da

  • SHA512

    4a7901e2018c800b86761a660a77a88b99189b0bd50875eb41363fc24649033687d13d36bafb622ca049db1846635a20034944a8c9b71291bd87e6006a7b0118

  • SSDEEP

    393216:2kJvkICSBwFjNiiFz62aBUyx7Whgt6sS1RT01snRzP9pzXo:ZJsICS8JrzhaBLJWiUsEB01snt9pzX

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 1 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AppInstaller 11.6.exe
    "C:\Users\Admin\AppData\Local\Temp\AppInstaller 11.6.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious behavior: EnumeratesProcesses
    PID:3880

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3880-133-0x00000000027E0000-0x00000000027E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-134-0x00000000027F0000-0x00000000027F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-135-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-136-0x0000000002AF0000-0x0000000002AF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-137-0x0000000002B00000-0x0000000002B01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-138-0x0000000002B10000-0x0000000002B11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-139-0x0000000002B20000-0x0000000002B21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3880-140-0x0000000000770000-0x000000000278D000-memory.dmp

    Filesize

    32.1MB

    Download