Overview

overview

7

Static

static

3

iZotope Oz...CE.exe

windows7-x64

7

iZotope Oz...CE.exe

windows10-1703-x64

7

Analysis

  • max time kernel
    1801s
  • max time network
    1596s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-es
  • resource tags

    arch:x64arch:x86image:win10-20230703-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    22-08-2023 23:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    iZotope Ozone 9 Advanced v9.1.0 CE/iZotope Ozone Advanced v9.1.0 CE.exe

  • Size

    200.2MB

  • MD5

    e3f93801bb0567dd5b3885d38042ca49

  • SHA1

    3ab5ab426352e57523f0fff3da2eab1ed6247591

  • SHA256

    74e1410afeb56bbb80ac1720c808519bf0a0d8c36dde730d9d8d1d2d9bcd2f07

  • SHA512

    18e5f79757834ac39d26f3e96c59ab3dcf2d7d2b38f52d130812f4e95134c01190fa11d832138e2ed8784740328512513d8aa3ee814b0a8e5ca5a3e0a0b731a0

  • SSDEEP

    3145728:L0UKEg1ByOjzlTdBUIguMuZCdFiARte6vt3Ruz0crSXi/XtsoK1CpXXpq8jDfOqg:TgK45BUhK+t3dRup/XSouYX5XiaEOrAT

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\iZotope Ozone 9 Advanced v9.1.0 CE\iZotope Ozone Advanced v9.1.0 CE.exe
    "C:\Users\Admin\AppData\Local\Temp\iZotope Ozone 9 Advanced v9.1.0 CE\iZotope Ozone Advanced v9.1.0 CE.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3328
    • C:\Users\Admin\AppData\Local\Temp\is-1UA8T.tmp\iZotope Ozone Advanced v9.1.0 CE.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-1UA8T.tmp\iZotope Ozone Advanced v9.1.0 CE.tmp" /SL5="$60234,208803799,1158144,C:\Users\Admin\AppData\Local\Temp\iZotope Ozone 9 Advanced v9.1.0 CE\iZotope Ozone Advanced v9.1.0 CE.exe"
      2⤵
      • Executes dropped EXE
      PID:2612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-1UA8T.tmp\iZotope Ozone Advanced v9.1.0 CE.tmp
    Filesize

    2.8MB

    MD5

    58e0d9702e018db2bb30791be1fbfbc9

    SHA1

    57d360a8b6149ff57258593c96878af634b87f96

    SHA256

    5da1e7cd9dc3766cb54e6b0085ffd13eade7f3a4d59bb10102f5b70ebf3de848

    SHA512

    78990e29b08e218ac6fa11b6e8d46f274a27f35397261600382daf5bc03b69ccdb705e4eee33464617c04a080d9878af352f3322b999bf9b229bd6b43bb5353a

    Download Submit

  • memory/2612-123-0x0000000000870000-0x0000000000871000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2612-126-0x0000000000400000-0x00000000006DE000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2612-127-0x0000000000870000-0x0000000000871000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3328-118-0x0000000000400000-0x0000000000528000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/3328-125-0x0000000000400000-0x0000000000528000-memory.dmp

    Filesize

    1.2MB

    Download