Overview

overview

3

Static

static

3

InfoRelease.exe

windows7-x64

1

InfoRelease.exe

windows10-2004-x64

1

KTBusiness.dll

windows7-x64

1

KTBusiness.dll

windows10-2004-x64

1

KTCommon.dll

windows7-x64

1

KTCommon.dll

windows10-2004-x64

1

KTControl.dll

windows7-x64

1

KTControl.dll

windows10-2004-x64

1

KTEntity.dll

windows7-x64

1

KTEntity.dll

windows10-2004-x64

1

KTTools.dll

windows7-x64

1

KTTools.dll

windows10-2004-x64

1

KtPlayer.exe

windows7-x64

1

KtPlayer.exe

windows10-2004-x64

1

VideoPlayer.exe

windows7-x64

1

VideoPlayer.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 21:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    InfoRelease.exe

  • Size

    1.1MB

  • MD5

    999596281b589653039e535b142fda49

  • SHA1

    3c2898f2b6fd3120386323c58929ea14fda87140

  • SHA256

    c6c73c60a5eabade6668fc8653d3a57ba300cec9cec0a891b7f52b649b3035ce

  • SHA512

    0425c6b9215399fc4b215bb0c04fa7f692ae2fc61131d9b6d189597d9db139b33e22d9a45e762d02ead67a72a9dc7d6093caa3ef79d5dd452c5b588495d29c39

  • SSDEEP

    24576:s8nx+uJjHCUobZ56HNmqY5IQtnQIVly7u6rN2SSSSfTx+:s8n7EbLkNmJ5R+kkpqT

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 28 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\InfoRelease.exe
    "C:\Users\Admin\AppData\Local\Temp\InfoRelease.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1864-1-0x00000000000E0000-0x00000000001FE000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1864-0-0x00000000744C0000-0x0000000074BAE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1864-2-0x00000000008B0000-0x00000000008BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1864-3-0x0000000001FC0000-0x0000000001FE2000-memory.dmp

    Filesize

    136KB

    Download

  • memory/1864-4-0x0000000002060000-0x0000000002070000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1864-5-0x00000000020C0000-0x00000000020E2000-memory.dmp

    Filesize

    136KB

    Download

  • memory/1864-6-0x0000000002080000-0x00000000020C0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1864-7-0x0000000002200000-0x0000000002262000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1864-8-0x0000000002080000-0x00000000020C0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1864-9-0x0000000002080000-0x00000000020C0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1864-10-0x00000000744C0000-0x0000000074BAE000-memory.dmp

    Filesize

    6.9MB

    Download