Overview

overview

7

Static

static

3

肖筱果_...��.exe

windows7-x64

7

肖筱果_...��.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-08-2023 03:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    肖筱果_南洋理工大学_软件工程__大学成绩报表.exe

  • Size

    3.8MB

  • MD5

    6e61adc051bfc81df976f6866d80cac5

  • SHA1

    2175c5aaffa7301b1ad4f6609ee7ea89a5a8d38c

  • SHA256

    bc8a7dedc9ad7186a0b16a61e0bf3a170e89f054b888df32e25d5dbf198fa2af

  • SHA512

    d6b85e63d1975bd2b1aa857368ee0dccf91ed18ab7ab86d1988f2dff4b388004becd7ea8e7a93f4ff69108a2793510f2347f26c41aab3f8202f2099e5e7c8b04

  • SSDEEP

    98304:0a4x2hXK0qbkCu6xn0d7q6c9SNKbp3SoWaG35KehxfZO:07YXK0qbkQmd26c9SN+p3SoW9Uehx4

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\肖筱果_南洋理工大学_软件工程__大学成绩报表.exe
    "C:\Users\Admin\AppData\Local\Temp\肖筱果_南洋理工大学_软件工程__大学成绩报表.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:4772
    • C:\Users\Public\Documents\nvcontainer.exe
      C:\Users\Public\Documents\nvcontainer.exe curvy-accouter-missing-broiler
      2⤵
      • Executes dropped EXE
      • Suspicious use of AdjustPrivilegeToken
      PID:3412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Public\Documents\nvcontainer.exe
    Filesize

    3.8MB

    MD5

    b8c359cd55a61f82f672efe6698ed82f

    SHA1

    7db604f0888ade2f7b491c7b02cfdd2182f7c8a0

    SHA256

    56866e266238b3ce515d12472bcac501d61bcee47515d6c706bc31cb42c42696

    SHA512

    2afddbd4d99b8ff10401329e974d309dec7500d4b7e6eb69bbd4721018491ae88865ad04d4c1ab05dacae9bb49a4f387e54c6a3f65d08a3e61b5e5643697658b

    Download Submit

  • C:\Users\Public\Documents\nvcontainer.exe
    Filesize

    3.8MB

    MD5

    b8c359cd55a61f82f672efe6698ed82f

    SHA1

    7db604f0888ade2f7b491c7b02cfdd2182f7c8a0

    SHA256

    56866e266238b3ce515d12472bcac501d61bcee47515d6c706bc31cb42c42696

    SHA512

    2afddbd4d99b8ff10401329e974d309dec7500d4b7e6eb69bbd4721018491ae88865ad04d4c1ab05dacae9bb49a4f387e54c6a3f65d08a3e61b5e5643697658b

    Download Submit

  • memory/3412-137-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-139-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-140-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-141-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-143-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-144-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-145-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-142-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-146-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-147-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-148-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-149-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-150-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-151-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-152-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-153-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-154-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-155-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-156-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-157-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-158-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-160-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-159-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-161-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-162-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-163-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-164-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-165-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-166-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-167-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-168-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-169-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-170-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-171-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-172-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-173-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-174-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-175-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-176-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-177-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-180-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-178-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-179-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-181-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-182-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-183-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-184-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-185-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-186-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-187-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-188-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-189-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-190-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-191-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-192-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-193-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-194-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-195-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-197-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-198-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-199-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-196-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download

  • memory/3412-200-0x000001BB8D0D0000-0x000001BB8D123000-memory.dmp

    Filesize

    332KB

    Download