Overview

overview

7

Static

static

3

Zortam Mp4...en.exe

windows7-x64

7

Zortam Mp4...en.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    08/08/2023, 16:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe

  • Size

    14.9MB

  • MD5

    f30f21a408eddaabd33525c158109a06

  • SHA1

    c4786dd01744a7af7377e823e3973e38d4b3865b

  • SHA256

    6c3f24ff26c5d2f16ae6aa8842e97d402c2e203d0aa2798a40f4dc000554dbca

  • SHA512

    85f132d0f45438a3eebc5487614d6f5488e30ff170b5652f9373429d1a4ec1bdae12572c510dd3d48ace2c2c9564738428f4dc670180e94920f5b1528611e242

  • SSDEEP

    393216:9lzsKH0MR7lbsKH0MR7lrsKH0MR7ldo9+:9lzslMFlbslMFlrslMFlv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe
    "C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Users\Admin\AppData\Local\Temp\is-9K9QK.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-9K9QK.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp" /SL5="$9001C,14824386,832512,C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:1928

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-9K9QK.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp
          Filesize

          3.1MB

          MD5

          323c0a322cb13e2c267e0b61a1bde23a

          SHA1

          382a496f91391d9e984fc3f1b052f9f8321a191b

          SHA256

          f5d93b01287ecedb22133b2b73c979e1d032942e27c69a20a626e78d3c3848af

          SHA512

          a08055be783fe635ff49d858d1ba1902f2166d29a449f9f52967101343da1f4b192cb7549bc6f1fbafc3ef907af2d06258a92f48c32521b2b84d24c8386d66af

          Download Submit

        • \Users\Admin\AppData\Local\Temp\is-9K9QK.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp
          Filesize

          3.1MB

          MD5

          323c0a322cb13e2c267e0b61a1bde23a

          SHA1

          382a496f91391d9e984fc3f1b052f9f8321a191b

          SHA256

          f5d93b01287ecedb22133b2b73c979e1d032942e27c69a20a626e78d3c3848af

          SHA512

          a08055be783fe635ff49d858d1ba1902f2166d29a449f9f52967101343da1f4b192cb7549bc6f1fbafc3ef907af2d06258a92f48c32521b2b84d24c8386d66af

          Download Submit

        • memory/1928-61-0x0000000000240000-0x0000000000241000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1928-65-0x0000000000400000-0x000000000071C000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1928-66-0x0000000000240000-0x0000000000241000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3036-54-0x0000000000400000-0x00000000004D8000-memory.dmp

          Filesize

          864KB

          Download

        • memory/3036-63-0x0000000000400000-0x00000000004D8000-memory.dmp

          Filesize

          864KB

          Download