Overview

overview

7

Static

static

3

nbtenum.exe

windows7-x64

7

nbtenum.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    163s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 20:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nbtenum.exe

  • Size

    1.1MB

  • MD5

    aea00225ad3b315757cc5d800bec92f4

  • SHA1

    a7eb4c1469c25bbb59b285c5932bded131a0ec73

  • SHA256

    1bf4608c6495003946100a021d61ebce94f85f992d339019f6381a508a9fa514

  • SHA512

    5510f48915cb1784d05f61d52400c5a83dfe460f0f8994fe356d6168492633bdd5eaf6dde7aed849528c0af383d1df4cc11c316ce578ab6793238b42cc6480f4

  • SSDEEP

    24576:yTj27VumGVzuu3WKb5GtZpCGc1c0E3MmLUzD8spcoOQh0k41wvumGVz:yn2xHeK7xtDCzcQ38spcVc4IHez

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\nbtenum.exe
    "C:\Users\Admin\AppData\Local\Temp\nbtenum.exe"
    1⤵
    • Loads dropped DLL
    PID:2176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\1823e8f62785746fd29cf0b06c636600.dll
    Filesize

    20KB

    MD5

    1823e8f62785746fd29cf0b06c636600

    SHA1

    86d42ade824900637c436ab3e21e961f008fd1a9

    SHA256

    6f4a6b43e131f83a3ae41c5930a977360e0ef1b21682a9753019f15d279e7400

    SHA512

    4753d36994f9b9cabb3a059f274dc009f43cb84d29e954f53e7614c944b22cd2a91a9667e158aa52ca0febbdcabbcc2462cb13e0b837a0de8d031cba7b1b1b7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\35b7d0081cb4404f7cd6bd1437a4f96b.dll
    Filesize

    80KB

    MD5

    35b7d0081cb4404f7cd6bd1437a4f96b

    SHA1

    7dbb91fe39383328d5b046c74c24078a65dbc19f

    SHA256

    05ebbff07ea9153e3b8972fc277bca7ab5a2ba790e6be5dd969ad76361a3566f

    SHA512

    767e4c671e6dd2fb6d892857f38efd9a0060d25656394eb9260c4675ec8c3643f0db66ffe4d2a69a604c206c3a16ca782fec84193607a7017ee297cd74abd5cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\35b7d0081cb4404f7cd6bd1437a4f96b.dll
    Filesize

    80KB

    MD5

    35b7d0081cb4404f7cd6bd1437a4f96b

    SHA1

    7dbb91fe39383328d5b046c74c24078a65dbc19f

    SHA256

    05ebbff07ea9153e3b8972fc277bca7ab5a2ba790e6be5dd969ad76361a3566f

    SHA512

    767e4c671e6dd2fb6d892857f38efd9a0060d25656394eb9260c4675ec8c3643f0db66ffe4d2a69a604c206c3a16ca782fec84193607a7017ee297cd74abd5cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\35b7d0081cb4404f7cd6bd1437a4f96b.dll
    Filesize

    80KB

    MD5

    35b7d0081cb4404f7cd6bd1437a4f96b

    SHA1

    7dbb91fe39383328d5b046c74c24078a65dbc19f

    SHA256

    05ebbff07ea9153e3b8972fc277bca7ab5a2ba790e6be5dd969ad76361a3566f

    SHA512

    767e4c671e6dd2fb6d892857f38efd9a0060d25656394eb9260c4675ec8c3643f0db66ffe4d2a69a604c206c3a16ca782fec84193607a7017ee297cd74abd5cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\541cd9bc8060027290e90d3e07d19dcb.dll
    Filesize

    28KB

    MD5

    541cd9bc8060027290e90d3e07d19dcb

    SHA1

    31819d2089bb1c0a6bab33b35f029b654f91b454

    SHA256

    ce06296a9e940f468da2bb27a2918cb130e4e90336bcc60bc116a87344766583

    SHA512

    06575040a6fcbf62aa8246459f5707b3f18ffa1cbe17a698050085a41acfd29f593adcf12260bf67f9de8a26ed626ad3ed7578ffdd127954badd8526a5f518a8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\541cd9bc8060027290e90d3e07d19dcb.dll
    Filesize

    28KB

    MD5

    541cd9bc8060027290e90d3e07d19dcb

    SHA1

    31819d2089bb1c0a6bab33b35f029b654f91b454

    SHA256

    ce06296a9e940f468da2bb27a2918cb130e4e90336bcc60bc116a87344766583

    SHA512

    06575040a6fcbf62aa8246459f5707b3f18ffa1cbe17a698050085a41acfd29f593adcf12260bf67f9de8a26ed626ad3ed7578ffdd127954badd8526a5f518a8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\541cd9bc8060027290e90d3e07d19dcb.dll
    Filesize

    28KB

    MD5

    541cd9bc8060027290e90d3e07d19dcb

    SHA1

    31819d2089bb1c0a6bab33b35f029b654f91b454

    SHA256

    ce06296a9e940f468da2bb27a2918cb130e4e90336bcc60bc116a87344766583

    SHA512

    06575040a6fcbf62aa8246459f5707b3f18ffa1cbe17a698050085a41acfd29f593adcf12260bf67f9de8a26ed626ad3ed7578ffdd127954badd8526a5f518a8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\613ea4841bea6de29dc932d703d0dde7.dll
    Filesize

    329KB

    MD5

    613ea4841bea6de29dc932d703d0dde7

    SHA1

    8b43d88380789c1314faa6e80fea1f79858133b2

    SHA256

    0d37c56924ab1b1ae583fc087ac9455a23a0faa4acf0d2011b52392c74240175

    SHA512

    25c18063603e1f7e4876728d7b1862ead948453ab287b5c6136bb594b89b2bb2d1f7f4ed89ec25ea78f37ced7339bca34381569afe34604c783644bfca53b76a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\613ea4841bea6de29dc932d703d0dde7.dll
    Filesize

    329KB

    MD5

    613ea4841bea6de29dc932d703d0dde7

    SHA1

    8b43d88380789c1314faa6e80fea1f79858133b2

    SHA256

    0d37c56924ab1b1ae583fc087ac9455a23a0faa4acf0d2011b52392c74240175

    SHA512

    25c18063603e1f7e4876728d7b1862ead948453ab287b5c6136bb594b89b2bb2d1f7f4ed89ec25ea78f37ced7339bca34381569afe34604c783644bfca53b76a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\613ea4841bea6de29dc932d703d0dde7.dll
    Filesize

    329KB

    MD5

    613ea4841bea6de29dc932d703d0dde7

    SHA1

    8b43d88380789c1314faa6e80fea1f79858133b2

    SHA256

    0d37c56924ab1b1ae583fc087ac9455a23a0faa4acf0d2011b52392c74240175

    SHA512

    25c18063603e1f7e4876728d7b1862ead948453ab287b5c6136bb594b89b2bb2d1f7f4ed89ec25ea78f37ced7339bca34381569afe34604c783644bfca53b76a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\6145f78a34d5ced8200800f1455d578a\perl58.dll
    Filesize

    784KB

    MD5

    6145f78a34d5ced8200800f1455d578a

    SHA1

    0713bce3b3bb747fc3bb6caaa941f77e7a2c44b8

    SHA256

    98b4e518e38ffca99ab07149e8d98847be6775917da99c3cc90e8864fa0ce97e

    SHA512

    d8ef885e1b72e58cc58ea6268abe7ba001864b3c809471eea9ca6c473d7dde1ab182d7c3e70ea82a39c831f80f8cc1662a0b8e501a6e355143dbc252ffb3d047

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\c143399f6c7f45a18fa1e3ed5b967407.dll
    Filesize

    156KB

    MD5

    c143399f6c7f45a18fa1e3ed5b967407

    SHA1

    f99af5f882f8330629b5c3b877586e7b8d8765b9

    SHA256

    12ce393323f93ff7628d1eed33bf9f5ee34c735a1b55c77064488b8f0e762eee

    SHA512

    9a728a0b3bd74285795be435083a72983abdf4853dbdf9e2791567d6abd017ada262c72530de6095a07e83ce33c84dea2e6d490879f40979230476e59ee4d8cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\c143399f6c7f45a18fa1e3ed5b967407.dll
    Filesize

    156KB

    MD5

    c143399f6c7f45a18fa1e3ed5b967407

    SHA1

    f99af5f882f8330629b5c3b877586e7b8d8765b9

    SHA256

    12ce393323f93ff7628d1eed33bf9f5ee34c735a1b55c77064488b8f0e762eee

    SHA512

    9a728a0b3bd74285795be435083a72983abdf4853dbdf9e2791567d6abd017ada262c72530de6095a07e83ce33c84dea2e6d490879f40979230476e59ee4d8cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\pdk-Admin\c143399f6c7f45a18fa1e3ed5b967407.dll
    Filesize

    156KB

    MD5

    c143399f6c7f45a18fa1e3ed5b967407

    SHA1

    f99af5f882f8330629b5c3b877586e7b8d8765b9

    SHA256

    12ce393323f93ff7628d1eed33bf9f5ee34c735a1b55c77064488b8f0e762eee

    SHA512

    9a728a0b3bd74285795be435083a72983abdf4853dbdf9e2791567d6abd017ada262c72530de6095a07e83ce33c84dea2e6d490879f40979230476e59ee4d8cb

    Download Submit

  • memory/2176-32-0x0000000002200000-0x0000000002214000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2176-24-0x0000000002E70000-0x0000000002E97000-memory.dmp

    Filesize

    156KB

    Download

  • memory/2176-16-0x0000000002160000-0x00000000021B8000-memory.dmp

    Filesize

    352KB

    Download