Overview

overview

7

Static

static

1

setup.exe

windows7-x64

1

setup.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-08-2023 05:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    setup.exe

  • Size

    38.1MB

  • MD5

    ffa9f59de756117b49ab3ce3c87a1302

  • SHA1

    23e79c90ad484019625cf0e63eeeb35b29e4a707

  • SHA256

    f90e1de136cf72e6fc70ad095a1e1ce1987bf09b5065e31d696d5b8b96e3f7c4

  • SHA512

    99857e04bee48ba9aafcc4f9c715d70a58bf9e615d5e0513a9b9f0b4d11ad215fdb3cbab9e1785ee3790cb338bed3fdbbf2c3a2fcb7889ba823866f6f36e3f7a

  • SSDEEP

    393216:X+/NG5ZsMorU+/t7faX33c8XPn3klEvbYTAzs2ET7rHK5CwtvE1UZKuRsOG+1mFB:Xkk+YOj19FrmirY039oZ8OG

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\setup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    PID:2828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\pkg\837cb201a460a44d025689218d3b0e588ae3edbcd6ab11f415b147b5331cc843\ref-napi\prebuilds\win32-x64\node.napi.node
    Filesize

    579KB

    MD5

    153a5d422243f7f95721f6c2c5de8c9d

    SHA1

    b0f73501859500acd1eccbff3d790abb610511ef

    SHA256

    837cb201a460a44d025689218d3b0e588ae3edbcd6ab11f415b147b5331cc843

    SHA512

    d078e20939b7bb1f77b003200359aaad2c1405a9193a1df56786cc2f9ae58cd7fec2b0825740c3b107003f797bcb86784e12704fd4625ca11637a41955ed40cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pkg\837cb201a460a44d025689218d3b0e588ae3edbcd6ab11f415b147b5331cc843\ref-napi\prebuilds\win32-x64\node.napi.node
    Filesize

    579KB

    MD5

    153a5d422243f7f95721f6c2c5de8c9d

    SHA1

    b0f73501859500acd1eccbff3d790abb610511ef

    SHA256

    837cb201a460a44d025689218d3b0e588ae3edbcd6ab11f415b147b5331cc843

    SHA512

    d078e20939b7bb1f77b003200359aaad2c1405a9193a1df56786cc2f9ae58cd7fec2b0825740c3b107003f797bcb86784e12704fd4625ca11637a41955ed40cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pkg\b0e0c6ad80fccc92a41f644afe3ad1d7e4ebcac9caa94a9ccf4eaa0dea2247e3\ffi-napi\build\Release\ffi_bindings.node
    Filesize

    588KB

    MD5

    d1f6e50334a50a3f1f8e35e02d788ad9

    SHA1

    1eab95b23d8ef82bb3171ed751eb14e178cb88d2

    SHA256

    b0e0c6ad80fccc92a41f644afe3ad1d7e4ebcac9caa94a9ccf4eaa0dea2247e3

    SHA512

    9f40996f4a8a5c6fe17687162306a02a5292ffb82bf62a0a7afa4af8f4f52f6d44bff34b8e14cf936ea9c51780603cfaa0a9ce84935a7b509892e51be18b2c03

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pkg\b0e0c6ad80fccc92a41f644afe3ad1d7e4ebcac9caa94a9ccf4eaa0dea2247e3\ffi-napi\build\Release\ffi_bindings.node
    Filesize

    588KB

    MD5

    d1f6e50334a50a3f1f8e35e02d788ad9

    SHA1

    1eab95b23d8ef82bb3171ed751eb14e178cb88d2

    SHA256

    b0e0c6ad80fccc92a41f644afe3ad1d7e4ebcac9caa94a9ccf4eaa0dea2247e3

    SHA512

    9f40996f4a8a5c6fe17687162306a02a5292ffb82bf62a0a7afa4af8f4f52f6d44bff34b8e14cf936ea9c51780603cfaa0a9ce84935a7b509892e51be18b2c03

    Download Submit