Overview

overview

8

Static

static

3

d2dfd5eb8b...32.exe

windows7-x64

8

d2dfd5eb8b...32.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/10/2023, 19:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2dfd5eb8b88cda513321c4c9bced760_exe32.exe

  • Size

    175KB

  • MD5

    d2dfd5eb8b88cda513321c4c9bced760

  • SHA1

    6b6f648ec24304facd1e84444c32213f99286d01

  • SHA256

    a2b1bfb706aade1fffebf28e92c64df930bfe6b94aecdab1a7c84b133e00b929

  • SHA512

    520f941861d91e8686d425cae5e12f449c6270ea8eb440bc1b1f857edb8d61d49e639496f0d4d57cd36b48865417cab3ab9501599f7928b07c39a05b649bb32e

  • SSDEEP

    3072:mMPrK9vxnULAK202Gd8pqzX2cZVoL8XJsU4z6Z7kYeKBXAJRxddkd4:zP295nKJNGYok4YXeoXkRxka

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\d2dfd5eb8b88cda513321c4c9bced760_exe32.exe
    "C:\Users\Admin\AppData\Local\Temp\d2dfd5eb8b88cda513321c4c9bced760_exe32.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2524
  • C:\PROGRA~3\Mozilla\osznrcg.exe
    C:\PROGRA~3\Mozilla\osznrcg.exe -jeeiybc
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1136

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\osznrcg.exe
    Filesize

    175KB

    MD5

    6b1f1196d26e7fb40589ed7c0474d58e

    SHA1

    60f3b7be49983c9e304dc24c0703864601da73e2

    SHA256

    6b96100e7cc05476567040c5f8af4e4b49db8f1a7498f15a6673bc6d17aed6d8

    SHA512

    7dd8a41aa2b938b5375596f34d4682ea9fa8434401c61ef41120108d7b3ce56e0205a105f30510c6bf61c70e296aa221c10087889e71d76352be62ee1e11f9e8

    Download Submit

  • C:\ProgramData\Mozilla\osznrcg.exe
    Filesize

    175KB

    MD5

    6b1f1196d26e7fb40589ed7c0474d58e

    SHA1

    60f3b7be49983c9e304dc24c0703864601da73e2

    SHA256

    6b96100e7cc05476567040c5f8af4e4b49db8f1a7498f15a6673bc6d17aed6d8

    SHA512

    7dd8a41aa2b938b5375596f34d4682ea9fa8434401c61ef41120108d7b3ce56e0205a105f30510c6bf61c70e296aa221c10087889e71d76352be62ee1e11f9e8

    Download Submit

  • memory/1136-10-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1136-11-0x0000000000CB0000-0x0000000000D0B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2524-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2524-1-0x00000000020C0000-0x000000000211B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2524-9-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download