Analysis

  • max time kernel
    141s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64
    arch:x86
    image:win10v2004-20230915-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    27-09-2023 00:26

General

  • Target

    setup-gridinsoft-fix.exe

  • Size

    2.2MB

  • MD5

    615283dd46e053f99e0ffadb63cf3708

  • SHA1

    233b17becb7d784328cc7baa3d5c6f8589ddc079

  • SHA256

    c58e9817069ca2da6d5330b911460d74bc66d51419e4a99e489fe392e4a6e7a3

  • SHA512

    cbf97d054e0a50f948e7cdb47ad3591161517526cf6a38f2d31dc761c3f214218ce5479bf439d1f3bee9b21e693d29ffb72095071c4295b82c55a52952ce8e39

  • SSDEEP

    49152:iWNuVKGn1oSyYDTIwZZWNhPHEWO9HTbxrLklTG0LXvhS/:6VVZYiWO9xrLklTG0LXvhS/

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup-gridinsoft-fix.exe
    "C:\Users\Admin\AppData\Local\Temp\setup-gridinsoft-fix.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2756

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2756-0-0x0000000000960000-0x0000000000961000-memory.dmp

    Filesize

    4KB

  • memory/2756-1-0x0000000000400000-0x0000000000643000-memory.dmp

    Filesize

    2.3MB

  • memory/2756-2-0x0000000000960000-0x0000000000961000-memory.dmp

    Filesize

    4KB

  • memory/2756-5-0x0000000000400000-0x0000000000643000-memory.dmp

    Filesize

    2.3MB

  • memory/2756-8-0x0000000000400000-0x0000000000643000-memory.dmp

    Filesize

    2.3MB