Overview

overview

7

Static

static

3

HBoot_v0.31 .exe

windows7-x64

1

HBoot_v0.31 .exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-10-2023 06:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HBoot_v0.31 .exe

  • Size

    19.4MB

  • MD5

    c05627169ff24eb0e9e7516294dce64a

  • SHA1

    c4d1f630d7b50113708809b1271f341b5d40f76c

  • SHA256

    5121b2ecfc75ad01c9dcc39d397fb2efaeaa798cae005c7eaa30faaf1481158a

  • SHA512

    180aff21e05a40fc95b6d328a1d3a016f47398df22790188d5bc9b76fa60a550817b75c2f6cdd26f4f2f8f99b6699ad34de702f7be1eaf0b651c030fe67a4e10

  • SSDEEP

    393216:+T3gJPN/ZEDfxh/4W+DjMt/c7oFpiA4bTbG+PoWsMa7mAi:O3gJV/Z0J+DjMt/5FpjR+Q57mA

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HBoot_v0.31 .exe
    "C:\Users\Admin\AppData\Local\Temp\HBoot_v0.31 .exe"
    1⤵
    • Loads dropped DLL
    PID:4520
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4520 -s 708
      2⤵
      • Program crash
      PID:3440
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4520 -ip 4520
    1⤵
      PID:2296

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\evbBD17.tmp
      Filesize

      1KB

      MD5

      fbdb8ec65e8d1bf6e9fef95e0690b0ff

      SHA1

      0e1a00e528babfaad2dc5132d7892b2fc687b2d1

      SHA256

      196976e5a5843cd21f5dfb68385474626982862ececf36db4ba1c6a60d276342

      SHA512

      e80f3bc405a2ce3dafebafcd73beb3babda4610f9435e997f37f53e084dfd09140ce24c79377615db627263b38eadc8de28fec00eeadd708473aafcf6e849782

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\evbC815.tmp
      Filesize

      1KB

      MD5

      8065a90a9a60de2b29d16ec5fd4eb2ed

      SHA1

      86987a8caf29ed4b22ce90cb818b278477d5f2ab

      SHA256

      0a85556e69adab909d18ebd1065fd6f71d4dd4286097e6c0c6c679adbb100858

      SHA512

      bbddb504b6cee1f8c59c444133eff4d06ee8788a4ffdb6d359aacf555471c00409cbf2dc232f3c3ea7165b4b1067d28d059787cdfeaa64359746270ea031909f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\evbC91F.tmp
      Filesize

      1KB

      MD5

      b21bc94972626d04b7dc96fdf77a6f11

      SHA1

      6e62eda35d7919a64ec62d13a4b4672a447af948

      SHA256

      d174eeecb5b141ac6aa2cafe7986bf576fed7ced0ad270ff07abbde38a089387

      SHA512

      9b70b4c2c9921ab9622a9aade37ce733465b044911e5513513199f3151a455000acf888b96bb6a0cfb557370be7550b5a268dfe8941313b0f8f8101a7a89efc2

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\evbC9EB.tmp
      Filesize

      1KB

      MD5

      82dcb5b8fba7c24f275b582fc24cd456

      SHA1

      46b8e57ebfa71e85ea26ceaf5ced41e9ee01d5a2

      SHA256

      f3dfc4c65e89932c35fae88a5d657b3ff16e3c73b9896eb1f6326ab087032ad1

      SHA512

      77297b3a1250f16458c91c87310b3bafc47d1514ce0f6b40d8942bfbca5d8529e37b8280f1d7a4ff290d1300fd9f8a5c4254d720afc2c7dccf82e62981fd81db

      Download Submit

    • memory/4520-20-0x000000006FE40000-0x000000006FFBE000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/4520-31-0x0000000068A80000-0x0000000069059000-memory.dmp

      Filesize

      5.8MB

      Download

    • memory/4520-7-0x0000000068A80000-0x0000000069059000-memory.dmp

      Filesize

      5.8MB

      Download

    • memory/4520-16-0x000000006EB40000-0x000000006EB64000-memory.dmp

      Filesize

      144KB

      Download

    • memory/4520-3-0x00000000779C3000-0x00000000779C4000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4520-21-0x000000006FE40000-0x000000006FFBE000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/4520-0-0x0000000000400000-0x0000000000470000-memory.dmp

      Filesize

      448KB

      Download

    • memory/4520-2-0x00000000779C2000-0x00000000779C3000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4520-30-0x0000000064B40000-0x0000000064B5B000-memory.dmp

      Filesize

      108KB

      Download

    • memory/4520-6-0x0000000068A80000-0x0000000069059000-memory.dmp

      Filesize

      5.8MB

      Download

    • memory/4520-33-0x0000000000400000-0x0000000000470000-memory.dmp

      Filesize

      448KB

      Download

    • memory/4520-34-0x0000000000400000-0x0000000000470000-memory.dmp

      Filesize

      448KB

      Download

    • memory/4520-35-0x000000006EB40000-0x000000006EB64000-memory.dmp

      Filesize

      144KB

      Download

    • memory/4520-36-0x0000000064B40000-0x0000000064B5B000-memory.dmp

      Filesize

      108KB

      Download

    • memory/4520-37-0x0000000000400000-0x0000000000470000-memory.dmp

      Filesize

      448KB

      Download

    • memory/4520-38-0x000000006EB40000-0x000000006EB64000-memory.dmp

      Filesize

      144KB

      Download

    • memory/4520-39-0x0000000064B40000-0x0000000064B5B000-memory.dmp

      Filesize

      108KB

      Download