Analysis
max time kernel
139s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags
arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
submitted
11-10-2023 23:46
Static task
static1
Behavioral task
behavioral1
Sample
Feonjuackm.bin.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Feonjuackm.bin.dll
Resource
win10v2004-20230915-en
General
Target
Feonjuackm.bin.dll
Size
583KB
MD5
0245e02cbb6ffe2716c2aeb7fb8006d0
SHA1
59dd3d2477211eb4fcd72b542812a2036fa0e1e8
SHA256
5d5bc4f497406b59369901b9a79e1e9d1e0a690c0b2e803f4fbfcb391bcfeef1
SHA512
0c2e863512f2d83429e681cbcdb31bf9c6f0a69611f6d8923198d51d1e49750f4bf441c8ce256fb44a9cb39a6855e70fcbc644739926570214400bd06a683d82
SSDEEP
12288:ujan3B7+2OoGEwYXorDxBDWgyv9cii8VPezCTr:Jn3B7+2OyJo/DWz9cS2zW
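Before trusting a file on disk as the sample this report describes, recompute the digests printed in the General section and compare them. The script below is an added example and not part of the report or the sandbox: the four digests and the 583KB size are copied from the page, everything else (function names, the rounded-size tolerance) is the example's own choice. Only the empty byte string used for the self-check is constructed; the real sample is never embedded.

```python
import hashlib
import os

# Digests copied from the report's General section.
REPORTED = {
    "md5": "0245e02cbb6ffe2716c2aeb7fb8006d0",
    "sha1": "59dd3d2477211eb4fcd72b542812a2036fa0e1e8",
    "sha256": "5d5bc4f497406b59369901b9a79e1e9d1e0a690c0b2e803f4fbfcb391bcfeef1",
    "sha512": ("0c2e863512f2d83429e681cbcdb31bf9c6f0a69611f6d8923198d51d1e49750f"
               "4bf441c8ce256fb44a9cb39a6855e70fcbc644739926570214400bd06a683d82"),
}
# The page prints a rounded size, so this is only a sanity check, not an exact byte count.
REPORTED_SIZE_KB = 583


def _new_hashers():
    return {name: hashlib.new(name) for name in REPORTED}


def _digest_all(chunks):
    """Feed every chunk to all four hashers in a single pass; return lowercase hex digests."""
    hashers = _new_hashers()
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests_from_bytes(data: bytes) -> dict:
    return _digest_all([data])


def digests_from_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream the file so a large sample is not pulled into memory at once."""
    with open(path, "rb") as fh:
        return _digest_all(iter(lambda: fh.read(chunk_size), b""))


def mismatches(digests: dict, reported: dict = REPORTED) -> list:
    """Names of algorithms whose digest differs from the report.

    An empty list means every digest matched, i.e. the file is the reported sample.
    Comparison is case-insensitive because tools print hex in either case."""
    return [name for name, expected in reported.items()
            if digests.get(name, "").lower() != expected.lower()]


def size_plausible(size_bytes: int, reported_kb: int = REPORTED_SIZE_KB) -> bool:
    """Accept any byte count that rounds to the printed KB figure (assumed rounding, since the
    page does not show exact bytes)."""
    return (reported_kb - 1) * 1024 <= size_bytes < (reported_kb + 1) * 1024


def verify_file(path: str) -> dict:
    """Hash one file and report which digests disagree with the page, plus the size check."""
    digests = digests_from_file(path)
    return {
        "digests": digests,
        "mismatches": mismatches(digests),
        "size_ok": size_plausible(os.path.getsize(path)),
    }


if __name__ == "__main__":
    import sys

    result = verify_file(sys.argv[1])
    if result["mismatches"]:
        print("NOT the reported sample; differing digests:", ", ".join(result["mismatches"]))
    else:
        print("all four digests match the report; size check:", result["size_ok"])
```

A single mismatching digest is enough to reject the file: the four algorithms are computed over the same bytes, so a partial match points at a typo in the copied value rather than at a near-identical sample. SSDEEP is deliberately left out; it is a similarity hash, not an identity check, and needs a separate library.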
Malware Config
Signatures
Modifies registry class (2 IoCs)
Processes:
description | ioc | process
Set value (data) | \REGISTRY\USER\S-1-5-21-1141987721-3945596982-3297311814-1000_Classes\CLSID\{D77ECDCF-43BB-AF61-6AA6-68BBB8C2F91E}\ = 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 | regsvr32.exe
Key created | \REGISTRY\USER\S-1-5-21-1141987721-3945596982-3297311814-1000_Classes\CLSID\{D77ECDCF-43BB-AF61-6AA6-68BBB8C2F91E} | regsvr32.exe
Uses Task Scheduler COM API (1 TTP)
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
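The registry IoCs above use the kernel's native path form (\REGISTRY\USER\<SID>_Classes\...), which is not what you type into a host-side hunt. The HKU\<SID>_Classes hive is the per-user Classes hive that HKCU\Software\Classes links to, and a CLSID registered there takes precedence over the HKLM entry for that user without needing admin rights, which is why a per-user CLSID written by regsvr32.exe is worth checking on any host where this DLL was seen. The parser below is an added example, not part of the report or the sandbox: the two IoC records are copied from the signature (the value written by "Set value (data)" is not shown on the page and is omitted), and the record layout, function names and the HKLM control record are the example's own.

```python
import re
from dataclasses import dataclass
from typing import Optional

# (description, native registry path, process) copied from the
# "Modifies registry class" signature. The data written by the first
# entry is not visible on the page, so only the key path is kept.
REPORT_IOCS = [
    ("Set value (data)",
     "\\REGISTRY\\USER\\S-1-5-21-1141987721-3945596982-3297311814-1000_Classes"
     "\\CLSID\\{D77ECDCF-43BB-AF61-6AA6-68BBB8C2F91E}\\",
     "regsvr32.exe"),
    ("Key created",
     "\\REGISTRY\\USER\\S-1-5-21-1141987721-3945596982-3297311814-1000_Classes"
     "\\CLSID\\{D77ECDCF-43BB-AF61-6AA6-68BBB8C2F91E}",
     "regsvr32.exe"),
]

# \REGISTRY\USER\<SID>[_Classes]\rest  or  \REGISTRY\MACHINE\rest
_NATIVE = re.compile(
    r"^\\REGISTRY\\(?P<root>USER|MACHINE)"
    r"(?:\\(?P<sid>S-1-[0-9]+(?:-[0-9]+)+)(?P<classes>_Classes)?)?"
    r"(?P<rest>(?:\\.*)?)$",
    re.IGNORECASE,
)
_CLSID = re.compile(
    r"\\CLSID\\(\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\})", re.IGNORECASE
)


@dataclass
class RegistryIoc:
    description: str
    process: str
    native_path: str
    hive_path: Optional[str]   # PowerShell-style path, or None if not a registry path
    sid: Optional[str]         # owning user for HKU/HKCU paths
    clsid: Optional[str]       # upper-cased GUID if the key sits under a CLSID branch

    @property
    def per_user_clsid(self) -> bool:
        """True when a COM class is registered in a user hive rather than HKLM.
        For that user HKCU\\Software\\Classes wins over HKLM, and writing it
        needs no admin rights, so this is the registration to hunt for."""
        return self.sid is not None and self.clsid is not None


def to_hive_path(native: str) -> Optional[str]:
    """Translate a native \\REGISTRY\\... path into the HKLM:/HKCU:/HKU: form used on a host."""
    m = _NATIVE.match(native)
    if not m:
        return None
    root, sid, classes, rest = m.group("root", "sid", "classes", "rest")
    rest = rest.rstrip("\\")  # a trailing backslash denotes the key's default value
    if root.upper() == "MACHINE":
        return "HKLM:" + rest
    if sid and classes:
        # HKU\<SID>_Classes is the hive behind HKCU\Software\Classes for that user.
        return "HKCU:\\Software\\Classes" + rest
    if sid:
        return "HKCU:" + rest
    return "HKU:" + rest


def parse_ioc(description: str, native: str, process: str) -> RegistryIoc:
    m = _NATIVE.match(native)
    c = _CLSID.search(native)
    return RegistryIoc(
        description=description,
        process=process,
        native_path=native,
        hive_path=to_hive_path(native),
        sid=m.group("sid") if m else None,
        clsid=c.group(1).upper() if c else None,
    )


def triage(records) -> dict:
    """Group IoCs by CLSID: which process touched it, what it did, and whether it is per-user."""
    out = {}
    for description, native, process in records:
        ioc = parse_ioc(description, native, process)
        if ioc.clsid is None:
            continue
        entry = out.setdefault(ioc.clsid, {
            "hive_path": ioc.hive_path, "sid": ioc.sid,
            "per_user": ioc.per_user_clsid, "processes": set(), "operations": [],
        })
        entry["processes"].add(ioc.process)
        entry["operations"].append(ioc.description)
    return out


def hunt_command(clsid: str) -> str:
    """PowerShell one-liner to check the per-user registration on a suspect host (assumed usage)."""
    return f"Get-ItemProperty -Path 'HKCU:\\Software\\Classes\\CLSID\\{clsid}' -ErrorAction SilentlyContinue"


if __name__ == "__main__":
    for clsid, info in triage(REPORT_IOCS).items():
        print(clsid, info["hive_path"], sorted(info["processes"]), info["operations"])
        print("  hunt:", hunt_command(clsid))
```

The hunt command only tells you whether the key exists for the logged-on user; other users' registrations live under HKU:\<SID>_Classes and need the SID from the parsed record. The report does not show what value was written under the CLSID, so do not assume an InprocServer32 path from this page alone; inspect the key's subkeys on the host.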
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
memory/2660-1-0x00000000009E0000-0x0000000000A2F000-memory.dmp
Filesize 316KB
memory/2660-2-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
memory/2660-8-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
memory/2660-9-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
memory/2660-10-0x00000000009E0000-0x0000000000A2F000-memory.dmp
Filesize 316KB
memory/2660-13-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
memory/2660-14-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
memory/2660-16-0x00000000022E0000-0x000000000232C000-memory.dmp
Filesize 304KB
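Eight dump files from one PID look like more than they are: the name encodes the process, a snapshot index and the address range, so the list collapses to two regions, one captured twice and one captured six times. The parser below is an added example, not part of the report or the sandbox; the dump names are copied from the Downloads section, and the "most dumped region" heuristic and all function names are the example's own.

```python
import re

# Dump names copied from the report's Downloads section (the "Filesize" column is dropped;
# the script recomputes it from the address range).
DUMP_NAMES = [
    "memory/2660-1-0x00000000009E0000-0x0000000000A2F000-memory.dmp",
    "memory/2660-2-0x00000000022E0000-0x000000000232C000-memory.dmp",
    "memory/2660-8-0x00000000022E0000-0x000000000232C000-memory.dmp",
    "memory/2660-9-0x00000000022E0000-0x000000000232C000-memory.dmp",
    "memory/2660-10-0x00000000009E0000-0x0000000000A2F000-memory.dmp",
    "memory/2660-13-0x00000000022E0000-0x000000000232C000-memory.dmp",
    "memory/2660-14-0x00000000022E0000-0x000000000232C000-memory.dmp",
    "memory/2660-16-0x00000000022E0000-0x000000000232C000-memory.dmp",
]

# memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
_DUMP = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name: str) -> dict:
    """Split a dump file name into pid, snapshot index, address range and byte size."""
    m = _DUMP.match(name)
    if not m:
        raise ValueError(f"not a sandbox memory dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted range in {name}")
    return {"pid": int(m["pid"]), "index": int(m["idx"]),
            "start": start, "end": end, "size": end - start}


def size_label(size_bytes: int) -> str:
    """Reproduce the report's whole-KB figure (323584 bytes -> '316KB'); assumed truncation."""
    return f"{size_bytes // 1024}KB"


def regions(names) -> dict:
    """Collapse repeated snapshots of the same range: {(pid, start, end): [indices]}."""
    out = {}
    for name in names:
        d = parse_dump_name(name)
        out.setdefault((d["pid"], d["start"], d["end"]), []).append(d["index"])
    return out


def most_dumped(names):
    """Range captured most often. Heuristic: the sandbox re-dumps a range each time it changes,
    so the region snapshotted most is the first place to look for an unpacked payload."""
    grouped = regions(names)
    return max(grouped.items(), key=lambda kv: (len(kv[1]), -kv[0][1]))


if __name__ == "__main__":
    for (pid, start, end), indices in regions(DUMP_NAMES).items():
        print(f"pid {pid} 0x{start:08X}-0x{end:08X} {size_label(end - start)} "
              f"snapshots {indices}")
    (pid, start, end), indices = most_dumped(DUMP_NAMES)
    print(f"start with pid {pid} 0x{start:08X}: dumped {len(indices)} times")
```

The sizes the script derives from the ranges (0x4F000 and 0x4C000 bytes) agree with the 316KB and 304KB the page prints, which is a cheap way to catch a mangled name before downloading anything.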