Overview

overview

8

Static

static

3

b533ea29bb...32.exe

windows7-x64

8

b533ea29bb...32.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/10/2023, 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b533ea29bb2780e08334728808da44d0_exe32.exe

  • Size

    146KB

  • MD5

    b533ea29bb2780e08334728808da44d0

  • SHA1

    689de4ecff0afd2b93ae9c94ff1f81eb0ef74eb8

  • SHA256

    47b80fd8fbeac3dad2639f457b6f97bd5cbadac004f468f230c714483cc90bcf

  • SHA512

    ad846789837db9ec53726347f31613edef2c28192dd4b679464b4fc26aebdef758db464ea17f44823a23296a4fb47ecd898022bba7bd9880cb254792d2d3d275

  • SSDEEP

    1536:AnbcF56LkSudjDThPlVwf5SiKRkdflA682DVsm9c6o1jIc+bxeMjmUd2T4iS7b71:l2khPlw5gRG0sG6o1sNwMjJ8TtSX71

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\b533ea29bb2780e08334728808da44d0_exe32.exe
    "C:\Users\Admin\AppData\Local\Temp\b533ea29bb2780e08334728808da44d0_exe32.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1284
  • C:\PROGRA~3\Mozilla\osznrcg.exe
    C:\PROGRA~3\Mozilla\osznrcg.exe -jeeiybc
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:2408

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\osznrcg.exe
    Filesize

    146KB

    MD5

    c2ef6f782370697228831d96e560c921

    SHA1

    73f4ad0802d660ab53e450bf25d39be1891dc103

    SHA256

    0b8247bde6b4cb7ede866ca5458606968aa99c9144b1bdf35b6f38166bbeecf5

    SHA512

    1988fd252a2ea0b56c043d9d6e0ae71bc6c1588f2e69b78b5ce9b687eab37ca8c1cdacd118649ede3f448c0461711eda2a8a977ea4506223e03006a70c8df7f5

    Download Submit

  • C:\ProgramData\Mozilla\osznrcg.exe
    Filesize

    146KB

    MD5

    c2ef6f782370697228831d96e560c921

    SHA1

    73f4ad0802d660ab53e450bf25d39be1891dc103

    SHA256

    0b8247bde6b4cb7ede866ca5458606968aa99c9144b1bdf35b6f38166bbeecf5

    SHA512

    1988fd252a2ea0b56c043d9d6e0ae71bc6c1588f2e69b78b5ce9b687eab37ca8c1cdacd118649ede3f448c0461711eda2a8a977ea4506223e03006a70c8df7f5

    Download Submit

  • memory/1284-0-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/1284-1-0x00000000009E0000-0x0000000000A3B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1284-9-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2408-10-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2408-11-0x0000000000800000-0x000000000085B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2408-17-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download