Overview

overview

7

Static

static

1

DiskView.exe

windows7-x64

7

DiskView.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    15/11/2023, 11:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DiskView.exe

  • Size

    567KB

  • MD5

    16ccd5f530a930d9a03e3e06a6e1ec1b

  • SHA1

    21963aec7ee0cb808ad25209923be500ccd5948e

  • SHA256

    d186dac0a61eb1331d1371c733ec4b1925baed55f3c17f67efece537496050ff

  • SHA512

    19b030bd44961faab7f318616d7e61f77cabae7a34dfc4677e87f407967e9eaa319964e29a3e861f21f570f204480c7ac6674a1bac4e1947aec7db606eace656

  • SSDEEP

    12288:JWxhW1CGbjzjhTwfvY2CHNskW7KWsJV6YwdZ4vXy:JCCjt+vY2CmkW7KBJQYYZEy

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DiskView.exe
    "C:\Users\Admin\AppData\Local\Temp\DiskView.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Users\Admin\AppData\Local\Temp\DiskView64.exe
      "C:\Users\Admin\AppData\Local\Temp\DiskView.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2068

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\DiskView64.exe
          Filesize

          308KB

          MD5

          51694368cf86e9d83326bbfa333af6bf

          SHA1

          a6169387ebdd4670586edbaa9e21f087b5eb57f6

          SHA256

          04d3217da39428e0cb19f03efde95424564162606ad48ac101e1e7d3bffdac9e

          SHA512

          28ce166f14ad5877490adb7b0f9fd0b6586210dead8e3aee18dba3021a6aac84a72ab949d559f0d891d3c110ad79c3b64e525f167e0273bff3070ab94faf31dc

          Download Submit

        • \Users\Admin\AppData\Local\Temp\DiskView64.exe
          Filesize

          308KB

          MD5

          51694368cf86e9d83326bbfa333af6bf

          SHA1

          a6169387ebdd4670586edbaa9e21f087b5eb57f6

          SHA256

          04d3217da39428e0cb19f03efde95424564162606ad48ac101e1e7d3bffdac9e

          SHA512

          28ce166f14ad5877490adb7b0f9fd0b6586210dead8e3aee18dba3021a6aac84a72ab949d559f0d891d3c110ad79c3b64e525f167e0273bff3070ab94faf31dc

          Download Submit

        • \Users\Admin\AppData\Local\Temp\DiskView64.exe
          Filesize

          308KB

          MD5

          51694368cf86e9d83326bbfa333af6bf

          SHA1

          a6169387ebdd4670586edbaa9e21f087b5eb57f6

          SHA256

          04d3217da39428e0cb19f03efde95424564162606ad48ac101e1e7d3bffdac9e

          SHA512

          28ce166f14ad5877490adb7b0f9fd0b6586210dead8e3aee18dba3021a6aac84a72ab949d559f0d891d3c110ad79c3b64e525f167e0273bff3070ab94faf31dc

          Download Submit