Overview

overview

7

Static

static

3

ALLDAYCLAS...up.exe

windows7-x64

7

ALLDAYCLAS...up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2023, 08:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ALLDAYCLASSIC_Setup.exe

  • Size

    3.8MB

  • MD5

    f48d640e621d5e8fd9ec93ae0c2650e1

  • SHA1

    26503a726ea7d209f55b769cfaf87821db163a70

  • SHA256

    d42e30c302ceef230a1d2acec9023f371dfcc63d70ef9c372092ae1a542e6755

  • SHA512

    38992af484887d99ead478b8ecb28597ba8d405e8a83689428138a8bd5878e1a5f06e80218d752066b3b6226ee4915c234ad3e373b8c98bd404e4a7088395c64

  • SSDEEP

    98304:8kLIVJ+WqtKcbausmatVwP1FJpLRCD8L85759YS0B:7tjbausLtVYFtj85Dq

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ALLDAYCLASSIC_Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\ALLDAYCLASSIC_Setup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Users\Admin\AppData\Local\Temp\is-EITEJ.tmp\ALLDAYCLASSIC_Setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-EITEJ.tmp\ALLDAYCLASSIC_Setup.tmp" /SL5="$90154,3114238,1038336,C:\Users\Admin\AppData\Local\Temp\ALLDAYCLASSIC_Setup.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-EITEJ.tmp\ALLDAYCLASSIC_Setup.tmp
    Filesize

    3.2MB

    MD5

    5295893639d390e31609c8c854a382b8

    SHA1

    27c6daca6868584a9fd9b98c2185af456a8146ca

    SHA256

    f2fb545c54fb806541db9991f06b04ba4fae9c76a144c49174a223664d16edf7

    SHA512

    34241732c666db7b1fd9b4d5d2d6fd1ac54f4c425a3f8667684e72de97059b7f2a00b7d7ea015f633873e6bcf525250fc019938227fb91d53ef276b2a18b9485

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-EITEJ.tmp\ALLDAYCLASSIC_Setup.tmp
    Filesize

    3.2MB

    MD5

    5295893639d390e31609c8c854a382b8

    SHA1

    27c6daca6868584a9fd9b98c2185af456a8146ca

    SHA256

    f2fb545c54fb806541db9991f06b04ba4fae9c76a144c49174a223664d16edf7

    SHA512

    34241732c666db7b1fd9b4d5d2d6fd1ac54f4c425a3f8667684e72de97059b7f2a00b7d7ea015f633873e6bcf525250fc019938227fb91d53ef276b2a18b9485

    Download Submit

  • memory/2092-8-0x00000000003C0000-0x00000000003C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2092-12-0x0000000000400000-0x0000000000745000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/2092-13-0x00000000003C0000-0x00000000003C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2260-1-0x0000000000400000-0x000000000050B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2260-10-0x0000000000400000-0x000000000050B000-memory.dmp

    Filesize

    1.0MB

    Download