Overview

overview

7

Static

static

3

ad320f0cd9...92.exe

windows7-x64

7

ad320f0cd9...92.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-07-2023 01:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad320f0cd9d54c0e0f86320f7f3744100a89cad81c79e7280ff42667bc56ba92.exe

  • Size

    789KB

  • MD5

    5bc2e7a89e09b584279c504f8884e9c8

  • SHA1

    90178ec8240e332eb3c66b5a02b68fd13553ca6a

  • SHA256

    ad320f0cd9d54c0e0f86320f7f3744100a89cad81c79e7280ff42667bc56ba92

  • SHA512

    0b3dce05dffc0ea9dd066e7cbc320026ef83149fb5a2501d18a2d0288d01261bdc95966cdafc4bbaca932d9449c79fc46aa19164848519d3905662f829bc382b

  • SSDEEP

    12288:nEExihnPg8v3/SioO0sBgWopQtgyM3ooZT1xOT6WQgpSOzK84YBn4CZL8Ko:EExynPRv3/XxK9yMTF1xQLdaYDl5o

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in System32 directory 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Drops file in Windows directory 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad320f0cd9d54c0e0f86320f7f3744100a89cad81c79e7280ff42667bc56ba92.exe
    "C:\Users\Admin\AppData\Local\Temp\ad320f0cd9d54c0e0f86320f7f3744100a89cad81c79e7280ff42667bc56ba92.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    PID:4308

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Skolekkkenet.lnk
    Filesize

    1KB

    MD5

    7ec32d1de7b60c0825d967b4a5695b95

    SHA1

    f9ceae9b999f34594bf50521226551d32a0770a7

    SHA256

    e78d63f8d4f6bc6f12a8148c8660f7ab4f34a7e5f19a9b0af80329185f429f03

    SHA512

    7e8caabf7012de6657429bdc3af243226fb47b97636fc0d6f64517fcd4e335de243d09d184a97c383aa0b80e04728fc9251411bcc3701d25d5008210c5ff847f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nspAC9D.tmp\System.dll
    Filesize

    11KB

    MD5

    fccff8cb7a1067e23fd2e2b63971a8e1

    SHA1

    30e2a9e137c1223a78a0f7b0bf96a1c361976d91

    SHA256

    6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e

    SHA512

    f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c

    Download Submit