Analysis
-
max time kernel
62s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system -
submitted
12-10-2023 19:15
Static task
static1
Behavioral task
behavioral1
Sample
windirstat1_1_2_setup.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
windirstat1_1_2_setup.exe
Resource
win10v2004-20230915-en
General
-
Target
windirstat1_1_2_setup.exe
-
Size
630KB
-
MD5
3abf1c149873e25d4e266225fbf37cbf
-
SHA1
6fa92dd2ca691c11dfbfc0a239e34369897a7fab
-
SHA256
370a27a30ee57247faddeb1f99a83933247e07c8760a07ed82e451e1cb5e5cdd
-
SHA512
b6d9672a580a02299bc370deb1fd99b5ca10ab86456385870cdae522c185ae51f8d390a7c50fcb5c7898523f52c834bb73515ffc6d0b0bcde210640e815ece9e
-
SSDEEP
12288:yCjeMsiGVBKvjxTNlZaLlcMj+wXZvQpd9nP2+ZMU2tYspZcMwr/GNd35:yCjeTZa7BTsxewXZUTP2HU2yawjY5
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
Processes:
windirstat1_1_2_setup.exepid process 3664 windirstat1_1_2_setup.exe 3664 windirstat1_1_2_setup.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\nsjEA71.tmp\System.dllFilesize
10KB
MD54125926391466fdbe8a4730f2374b033
SHA1fdd23034ada72d2537939ac6755d7f7c0e9b3f0e
SHA2566692bd93bcd04146831652780c1170da79aa3784c3c070d95fb1580e339de6c5
SHA51232a1cf96842454b3c3641316ee39051ae024bdce9e88ac236eadad531f2c0a08d46b77d525f7d994c9a5af4cc9a391d30ee92b9ec782b7fb9a42c76f0f52a008
-
C:\Users\Admin\AppData\Local\Temp\nsjEA71.tmp\System.dllFilesize
10KB
MD54125926391466fdbe8a4730f2374b033
SHA1fdd23034ada72d2537939ac6755d7f7c0e9b3f0e
SHA2566692bd93bcd04146831652780c1170da79aa3784c3c070d95fb1580e339de6c5
SHA51232a1cf96842454b3c3641316ee39051ae024bdce9e88ac236eadad531f2c0a08d46b77d525f7d994c9a5af4cc9a391d30ee92b9ec782b7fb9a42c76f0f52a008
-
C:\Users\Admin\AppData\Local\Temp\nsjEA71.tmp\System.dllFilesize
10KB
MD54125926391466fdbe8a4730f2374b033
SHA1fdd23034ada72d2537939ac6755d7f7c0e9b3f0e
SHA2566692bd93bcd04146831652780c1170da79aa3784c3c070d95fb1580e339de6c5
SHA51232a1cf96842454b3c3641316ee39051ae024bdce9e88ac236eadad531f2c0a08d46b77d525f7d994c9a5af4cc9a391d30ee92b9ec782b7fb9a42c76f0f52a008