Overview

overview

7

Static

static

3

Zortam Mp4...en.exe

windows7-x64

7

Zortam Mp4...en.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-08-2023 16:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe

  • Size

    14.9MB

  • MD5

    f30f21a408eddaabd33525c158109a06

  • SHA1

    c4786dd01744a7af7377e823e3973e38d4b3865b

  • SHA256

    6c3f24ff26c5d2f16ae6aa8842e97d402c2e203d0aa2798a40f4dc000554dbca

  • SHA512

    85f132d0f45438a3eebc5487614d6f5488e30ff170b5652f9373429d1a4ec1bdae12572c510dd3d48ace2c2c9564738428f4dc670180e94920f5b1528611e242

  • SSDEEP

    393216:9lzsKH0MR7lbsKH0MR7lrsKH0MR7ldo9+:9lzslMFlbslMFlrslMFlv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe
    "C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Users\Admin\AppData\Local\Temp\is-RJL9P.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-RJL9P.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp" /SL5="$60060,14824386,832512,C:\Users\Admin\AppData\Local\Temp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.exe"
      2⤵
      • Executes dropped EXE
      PID:4344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-RJL9P.tmp\Zortam Mp4 Media Studio Pro 26.13 + Keygen.tmp
    Filesize

    3.1MB

    MD5

    323c0a322cb13e2c267e0b61a1bde23a

    SHA1

    382a496f91391d9e984fc3f1b052f9f8321a191b

    SHA256

    f5d93b01287ecedb22133b2b73c979e1d032942e27c69a20a626e78d3c3848af

    SHA512

    a08055be783fe635ff49d858d1ba1902f2166d29a449f9f52967101343da1f4b192cb7549bc6f1fbafc3ef907af2d06258a92f48c32521b2b84d24c8386d66af

    Download Submit

  • memory/2360-134-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/2360-141-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/4344-139-0x0000000002810000-0x0000000002811000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4344-142-0x0000000000400000-0x000000000071C000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/4344-143-0x0000000002810000-0x0000000002811000-memory.dmp

    Filesize

    4KB

    Download