87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4

Analysis

max time kernel
161s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
14/11/2023, 19:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe
Size

4.8MB
MD5

24975eea0f90c7965ee7b7bb65238e53
SHA1

749b00e4279d3c187728e49b097585939d6dcf06
SHA256

87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4
SHA512

2f2f265e8386298fe7bc596fa67bbd599b93c7aa5f6b4e7b03388f9f7133151f4e072bfc3a76578648531618f092b8726946eba113f6d47a1fed3f5da308f8f5
SSDEEP

98304:DG5QgECFtYqWb5Ihoo0qxWFlQrn8QiwrtWHKeF4rRL6osJwr+eR5y:DG5VWbuhuqxWPQAKKUpkXeR5y

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3244	GenericSetup.exe

Loads dropped DLL 10 IoCs

pid	Process
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe
3244	GenericSetup.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3492 wrote to memory of 3244	3492	87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe	97
PID 3492 wrote to memory of 3244	3492	87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe	97
PID 3492 wrote to memory of 3244	3492	87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe	97

C:\Users\Admin\AppData\Local\Temp\87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe
"C:\Users\Admin\AppData\Local\Temp\87b6f40cb6141f61cdf967346148fa15c0fdde259db5a3f5f5cd385396e69da4.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3492
- C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.exe
  .\GenericSetup.exe
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:3244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.dll

Filesize
956KB

MD5
ecca2987f8c1ff078252957dcf735bde

SHA1
1c865a7e41c65f60fedd38b7d4037b51656e9658

SHA256
41fcaf1025fe175df4d97e6f150ef84e2bb39edd7b9f58103cacbc66ec6bd05e

SHA512
ed56ba93a02eb12a64fee1d1ba6d36963f1127365cb7b6dfa4e58a5da489c480a0e65a764d4ad8cfce1923c61b9b2718a56f455e8859e301b065c1d1cba295b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.dll

Filesize
956KB

MD5
ecca2987f8c1ff078252957dcf735bde

SHA1
1c865a7e41c65f60fedd38b7d4037b51656e9658

SHA256
41fcaf1025fe175df4d97e6f150ef84e2bb39edd7b9f58103cacbc66ec6bd05e

SHA512
ed56ba93a02eb12a64fee1d1ba6d36963f1127365cb7b6dfa4e58a5da489c480a0e65a764d4ad8cfce1923c61b9b2718a56f455e8859e301b065c1d1cba295b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.dll

Filesize
956KB

MD5
ecca2987f8c1ff078252957dcf735bde

SHA1
1c865a7e41c65f60fedd38b7d4037b51656e9658

SHA256
41fcaf1025fe175df4d97e6f150ef84e2bb39edd7b9f58103cacbc66ec6bd05e

SHA512
ed56ba93a02eb12a64fee1d1ba6d36963f1127365cb7b6dfa4e58a5da489c480a0e65a764d4ad8cfce1923c61b9b2718a56f455e8859e301b065c1d1cba295b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.exe

Filesize
22KB

MD5
70dba0e94c4a3bf12d13906fee5a775f

SHA1
a84da5a0b1996230c6fbf357aa2e846c397a2922

SHA256
5e0fc7463867143d72afc7a5e59a6a94fd6666c4695cefc30077928cfac88fbf

SHA512
e4636917202e76e1f82972a23e48a0922d00ba41a326251197396f241122880e20e9b9487842ecc3e10494558fa69bb77e126a2690dc6c7dfcc090e75db446dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.exe

Filesize
22KB

MD5
70dba0e94c4a3bf12d13906fee5a775f

SHA1
a84da5a0b1996230c6fbf357aa2e846c397a2922

SHA256
5e0fc7463867143d72afc7a5e59a6a94fd6666c4695cefc30077928cfac88fbf

SHA512
e4636917202e76e1f82972a23e48a0922d00ba41a326251197396f241122880e20e9b9487842ecc3e10494558fa69bb77e126a2690dc6c7dfcc090e75db446dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\GenericSetup.exe.config

Filesize
876B

MD5
fb0f6ec442c72190b9a27bdfd53563bb

SHA1
aa4ffdd00fd053c34fe46eab426fef5f7381965f

SHA256
99c598e9b85a47f0fbde66a7fed7eb896a15ca2af869ebb2007b2a2ce64c14fd

SHA512
a6ff4a2032535d8d7a586e1b7b206807d13232d75aa82b83863a1a0d6c97cd053283be6f459c0176c2eebe76304d82f943952b99b448494f2085c951dc0402fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\HtmlAgilityPack.dll

Filesize
149KB

MD5
7874850410e21b5f48bfe34174fb318c

SHA1
19522b1b9d932aa89df580c73ef629007ec32b6f

SHA256
c6250da15c349033de9b910c3dc10a156e47d69ec7e2076ce9011af7f3d885d1

SHA512
dad611ca9779b594aad7898261cc7ef0db500850eb81560c04d5d938ae4e2338e786773f63f59aab6564ad13acb4800f1862a2189803cc8cc8ad26a368f25eaa

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\HtmlAgilityPack.dll

Filesize
149KB

MD5
7874850410e21b5f48bfe34174fb318c

SHA1
19522b1b9d932aa89df580c73ef629007ec32b6f

SHA256
c6250da15c349033de9b910c3dc10a156e47d69ec7e2076ce9011af7f3d885d1

SHA512
dad611ca9779b594aad7898261cc7ef0db500850eb81560c04d5d938ae4e2338e786773f63f59aab6564ad13acb4800f1862a2189803cc8cc8ad26a368f25eaa

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\HtmlAgilityPack.dll

Filesize
149KB

MD5
7874850410e21b5f48bfe34174fb318c

SHA1
19522b1b9d932aa89df580c73ef629007ec32b6f

SHA256
c6250da15c349033de9b910c3dc10a156e47d69ec7e2076ce9011af7f3d885d1

SHA512
dad611ca9779b594aad7898261cc7ef0db500850eb81560c04d5d938ae4e2338e786773f63f59aab6564ad13acb4800f1862a2189803cc8cc8ad26a368f25eaa

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\MyDownloader.Core.dll

Filesize
56KB

MD5
f931e960cc4ed0d2f392376525ff44db

SHA1
1895aaa8f5b8314d8a4c5938d1405775d3837109

SHA256
1c1c5330ea35f518bf85fad69dc2da1a98a4dfeadbf6ac0ba0ac7cc51bbcc870

SHA512
7fa5e582ad1bb094cbbb68b1db301dcf360e180eb58f8d726a112133277ceaa39660c6d4b3248c19a8b5767a4ae09f4597535711d789ca4f9f334a204d87ffe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\MyDownloader.Core.dll

Filesize
56KB

MD5
f931e960cc4ed0d2f392376525ff44db

SHA1
1895aaa8f5b8314d8a4c5938d1405775d3837109

SHA256
1c1c5330ea35f518bf85fad69dc2da1a98a4dfeadbf6ac0ba0ac7cc51bbcc870

SHA512
7fa5e582ad1bb094cbbb68b1db301dcf360e180eb58f8d726a112133277ceaa39660c6d4b3248c19a8b5767a4ae09f4597535711d789ca4f9f334a204d87ffe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\MyDownloader.Core.dll

Filesize
56KB

MD5
f931e960cc4ed0d2f392376525ff44db

SHA1
1895aaa8f5b8314d8a4c5938d1405775d3837109

SHA256
1c1c5330ea35f518bf85fad69dc2da1a98a4dfeadbf6ac0ba0ac7cc51bbcc870

SHA512
7fa5e582ad1bb094cbbb68b1db301dcf360e180eb58f8d726a112133277ceaa39660c6d4b3248c19a8b5767a4ae09f4597535711d789ca4f9f334a204d87ffe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\Ninject.dll

Filesize
133KB

MD5
ce80365e2602b7cff0222e0db395428c

SHA1
50c9625eda1d156c9d7a672839e9faaea1dffdbd

SHA256
3475dd6f1612e984573276529d8147029d6bfa55d41bef2577b3aa601d2fbbe5

SHA512
5ea1de091a108143bb74fccdb4f0553f72613e58d8551fff51ce1aab34636c856758719dfa1a0e4cc833acb8e75729793dede65c4562e1aa3f68ec50463d36f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\Ninject.dll

Filesize
133KB

MD5
ce80365e2602b7cff0222e0db395428c

SHA1
50c9625eda1d156c9d7a672839e9faaea1dffdbd

SHA256
3475dd6f1612e984573276529d8147029d6bfa55d41bef2577b3aa601d2fbbe5

SHA512
5ea1de091a108143bb74fccdb4f0553f72613e58d8551fff51ce1aab34636c856758719dfa1a0e4cc833acb8e75729793dede65c4562e1aa3f68ec50463d36f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\Ninject.dll

Filesize
133KB

MD5
ce80365e2602b7cff0222e0db395428c

SHA1
50c9625eda1d156c9d7a672839e9faaea1dffdbd

SHA256
3475dd6f1612e984573276529d8147029d6bfa55d41bef2577b3aa601d2fbbe5

SHA512
5ea1de091a108143bb74fccdb4f0553f72613e58d8551fff51ce1aab34636c856758719dfa1a0e4cc833acb8e75729793dede65c4562e1aa3f68ec50463d36f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\uTorrent.dll

Filesize
16KB

MD5
3874fde8fba64c608c34e8298172b7a4

SHA1
3a3b0df8361f3504f6ba2652e0e66d3416e15ab4

SHA256
14fe894c07d53a14351d6e22dd9877b75ae53bc2ad985e312c695c3c37ca4b63

SHA512
292b29e389b0b3e40a9dfad710f564e9c42464ea400e438949db1bd4a7db7318743e1bee01bdf55ae209575011e20816e5d92373d0d498de7f57c5617ba3a381

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\uTorrent.dll

Filesize
16KB

MD5
3874fde8fba64c608c34e8298172b7a4

SHA1
3a3b0df8361f3504f6ba2652e0e66d3416e15ab4

SHA256
14fe894c07d53a14351d6e22dd9877b75ae53bc2ad985e312c695c3c37ca4b63

SHA512
292b29e389b0b3e40a9dfad710f564e9c42464ea400e438949db1bd4a7db7318743e1bee01bdf55ae209575011e20816e5d92373d0d498de7f57c5617ba3a381

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS4AD09708\uTorrent.dll

Filesize
16KB

MD5
3874fde8fba64c608c34e8298172b7a4

SHA1
3a3b0df8361f3504f6ba2652e0e66d3416e15ab4

SHA256
14fe894c07d53a14351d6e22dd9877b75ae53bc2ad985e312c695c3c37ca4b63

SHA512
292b29e389b0b3e40a9dfad710f564e9c42464ea400e438949db1bd4a7db7318743e1bee01bdf55ae209575011e20816e5d92373d0d498de7f57c5617ba3a381

Download Submit
memory/3244-95-0x0000000005530000-0x000000000555C000-memory.dmp

Filesize
176KB

Download
memory/3244-91-0x0000000004EF0000-0x0000000004F00000-memory.dmp

Filesize
64KB

Download
memory/3244-90-0x0000000005340000-0x0000000005368000-memory.dmp

Filesize
160KB

Download
memory/3244-86-0x0000000004F00000-0x0000000004F08000-memory.dmp

Filesize
32KB

Download
memory/3244-82-0x0000000004F10000-0x0000000005004000-memory.dmp

Filesize
976KB

Download
memory/3244-96-0x0000000004EF0000-0x0000000004F00000-memory.dmp

Filesize
64KB

Download
memory/3244-78-0x0000000074B30000-0x00000000752E0000-memory.dmp

Filesize
7.7MB

Download
memory/3244-77-0x00000000004F0000-0x00000000004FA000-memory.dmp

Filesize
40KB

Download
memory/3244-76-0x0000000074B30000-0x00000000752E0000-memory.dmp

Filesize
7.7MB

Download
memory/3244-100-0x00000000009F0000-0x0000000000A02000-memory.dmp

Filesize
72KB

Download
memory/3244-101-0x0000000005780000-0x0000000005812000-memory.dmp

Filesize
584KB

Download
memory/3244-102-0x00000000058C0000-0x0000000005926000-memory.dmp

Filesize
408KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads