b9534cd4c50d424ef9f84968643640f2f8be5c7af29070522e2b79901bbb4e47

Analysis

max time kernel
1974s
max time network
1878s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2023, 05:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ukita_installer.exe
Size

38.1MB
MD5

9a7ca7d19750deeb067cbd8b03b5d2f2
SHA1

f49ce411734beae66280ff7ad657c8eff4611feb
SHA256

b9534cd4c50d424ef9f84968643640f2f8be5c7af29070522e2b79901bbb4e47
SHA512

83a0773b0e52f9c7e6372188a9eea84d0075c3ed4abbc293fbce0c8e149de2025c06e39c638bad4814086da54dc7391cd03e61f6919a6b2a206290250b5703f0
SSDEEP

786432:yourVd35zsTSqsT1R/Guw/JO5uoLbeMKAIQCVMlMWlmRJSxUIrLt4qJ8Obwmt:yxVdJzsTA1RW/Uva1ZVM5KaHrL2qmObT

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 3 IoCs

pid	Process
4616	ukita_installer.exe
4616	ukita_installer.exe
4616	ukita_installer.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\ukita_installer.exe
"C:\Users\Admin\AppData\Local\Temp\ukita_installer.exe"
1⤵
- Loads dropped DLL
PID:4616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsnAD3B.tmp\LangDLL.dll

Filesize
7KB

MD5
59c9eb67983097bbcf7508fac4706827

SHA1
c2b9f9b7e2708e3ffca8fbc2e3c041a7f727823f

SHA256
1fdce186c2b6e58c395f062cfd6fa5c55828e68ffd34cb00ea9a255c2e502a5d

SHA512
4ac9df062b7a53c71c5c028677f9cebd9ff72c5e49ccd4098c35780a4b0aae82b497d2a4b7ccbb9af82aebc13714eeef247827d5c8c509095f3c1d257bc3c098

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsnAD3B.tmp\System.dll

Filesize
27KB

MD5
ba90e5a1b71c1465046859e81243da7d

SHA1
36e120ecedde201aef1dddd5a962ae766ea6900f

SHA256
3136e7080ec70474b4a4fb619813af1822125c6c82f427a3d2610048d8548d89

SHA512
188358dcfba5064bec56b8a208500ba2d6dfe6ecbe528b410d0ac395210ed89d44e72c175428e73f4c63fd342fb4e5c3ffe256bc0390d73beee6c3ef6b7e22fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsnAD3B.tmp\nsDialogs.dll

Filesize
12KB

MD5
03c10358ddf27ecc2f7b6c856e713b40

SHA1
af0327e86da3a3b1d49a5cd1ef8346e303a4f525

SHA256
d7a31807bb8f41fd22e8bbc98c94fec4fd32eab9534d264e66f7455f8c92c22a

SHA512
997f0cd802d99cfd0ab878de93e89c555758f80bd86cf72ec17efbbfe2363f64198bf98d21addfb018cc4e1200086a61c28299242a2d55ab9e05726da105b520

Download Submit
memory/4616-23-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-32-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-6-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-13-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-14-0x00000000745A0000-0x00000000745A9000-memory.dmp

Filesize
36KB

Download
memory/4616-0-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-29-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-10-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-36-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-39-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-5-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-1-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-47-0x0000000000400000-0x00000000004CE000-memory.dmp

Filesize
824KB

Download
memory/4616-48-0x00000000744C0000-0x00000000744CB000-memory.dmp

Filesize
44KB

Download
memory/4616-49-0x00000000744B0000-0x00000000744BE000-memory.dmp

Filesize
56KB

Download