Analysis
max time kernel: 117s
max time network: 120s
platform: windows7_x64
resource: win7-20231020-en
resource tags: arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
submitted: 23-11-2023 12:01
Static task: static1
Behavioral task: behavioral1
  Sample: 1a3d6985cd9712099d75b5c8ba49e38190bd2e8961adb699b8cd6bae2a1aa73d.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: 1a3d6985cd9712099d75b5c8ba49e38190bd2e8961adb699b8cd6bae2a1aa73d.exe
  Resource: win10v2004-20231023-en
General
Target: 1a3d6985cd9712099d75b5c8ba49e38190bd2e8961adb699b8cd6bae2a1aa73d.exe
Size: 423KB
MD5: dfe68fc0e09e7eca06dd6a4507809bf7
SHA1: e63a0c6e8c498ea67af03272293a53b710c0dbbe
SHA256: 1a3d6985cd9712099d75b5c8ba49e38190bd2e8961adb699b8cd6bae2a1aa73d
SHA512: 64c8a990894fd042c2ca87769f963479852224068eb14e4bccbea1752dddd18ca4237263cf9bf96efc0f4183a053fabcb31283508cbc114c6c33fb0010d49fb9
SSDEEP: 6144:rCGaECnpAoDO1A8dg3iTPJLMfgQAbsc5UrrxQR:GGHCnaomAEg3uPdkg9D2rxQR
Malware Config
Signatures
Drops file in Program Files directory (7 IoCs)
  description                   ioc
  File created                  C:\Program Files (x86)\EdrawSoft\EdrawMax\version.dll
  File opened for modification  C:\Program Files (x86)\EdrawSoft\EdrawMax\version.dll
  File created                  C:\Program Files (x86)\EdrawSoft\EdrawMax\H_Hayat_x32.dll
  File opened for modification  C:\Program Files (x86)\EdrawSoft\EdrawMax\H_Hayat_x32.dll
  File opened for modification  C:\Program Files (x86)\EdrawSoft
  File opened for modification  C:\Program Files (x86)\EdrawSoft\EdrawMax
  File created                  C:\Program Files (x86)\EdrawSoft\EdrawMax\__tmp_rar_sfx_access_check_259410193
  Process for all seven entries: 1a3d6985cd9712099d75b5c8ba49e38190bd2e8961adb699b8cd6bae2a1aa73d.exe