Overview
overview: 8
Static
static: 3
ISSetup.dll (windows7-x64): 1
ISSetup.dll (windows10-2004-x64): 1
Install Up...t).hta (windows7-x64): 3
Install Up...t).hta (windows10-2004-x64): 8
important/...up.exe (windows7-x64): 1
important/...up.exe (windows10-2004-x64): 7
important/ISSetup.dll (windows7-x64): 1
important/ISSetup.dll (windows10-2004-x64): 1
important/setup.exe (windows7-x64): 4
important/setup.exe (windows10-2004-x64): 4
unistall.exe (windows7-x64): 1
unistall.exe (windows10-2004-x64): 1
Analysis
max time kernel: 155s
max time network: 170s
platform: windows10-2004_x64
resource: win10v2004-20230915-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
submitted: 14-10-2023 00:33
Static task: static1
Behavioral task behavioral1: Sample ISSetup.dll, Resource win7-20230831-en
Behavioral task behavioral2: Sample ISSetup.dll, Resource win10v2004-20230915-en
Behavioral task behavioral3: Sample Install Updater (silent).hta, Resource win7-20230831-en
Behavioral task behavioral4: Sample Install Updater (silent).hta, Resource win10v2004-20230915-en
Behavioral task behavioral5: Sample important/AsusSetup.exe, Resource win7-20230831-en
Behavioral task behavioral6: Sample important/AsusSetup.exe, Resource win10v2004-20230915-en
Behavioral task behavioral7: Sample important/ISSetup.dll, Resource win7-20230831-en
Behavioral task behavioral8: Sample important/ISSetup.dll, Resource win10v2004-20230915-en
Behavioral task behavioral9: Sample important/setup.exe, Resource win7-20230831-en
Behavioral task behavioral10: Sample important/setup.exe, Resource win10v2004-20230915-en
Behavioral task behavioral11: Sample unistall.exe, Resource win7-20230831-en
Behavioral task behavioral12: Sample unistall.exe, Resource win10v2004-20230915-en
General
Target: ISSetup.dll
Size: 773KB
MD5: a17a7931b3524d05253c5aa3d06fd364
SHA1: f8fdbf930d7d4178f464c0e5f9dc3ae510760747
SHA256: 36a641a6639d6e64bba621ef1b7c1ec69be52a53a9168be2a8a50ee1c0394e8c
SHA512: 32aba57d57b1d664aa9023ed249a59c797f92ec4a966de7499f91f05f9b0242ccc75b44dc7ef9d3962bc7d7232fc7f30a95ce890f4ac41b369c6252b117849a8
SSDEEP: 12288:ju4+8dmpdCVCkg2jLX5aCRIOMK9Ji0BHY5MqZ9BpD1CsXyibT9JHW:juegpcVCgjr5aCBHH69RCG72
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                            pid   Process       procid_target
PID 4896 wrote to memory of 4448       4896  regsvr32.exe  87
PID 4896 wrote to memory of 4448       4896  regsvr32.exe  87
PID 4896 wrote to memory of 4448       4896  regsvr32.exe  87