Overview

overview

7

Static

static

3

elxdrvr-fc...-2.exe

windows7-x64

7

elxdrvr-fc...-2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    25/11/2023, 12:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    elxdrvr-fcoe-10.7.110.20-2.exe

  • Size

    1.9MB

  • MD5

    b2c10dd69e23054f8b9108b3da0bf490

  • SHA1

    b1e3eda41cc9421590c8bacfc9639bd6b27c540c

  • SHA256

    64ddc9313fc7119be93d2b437e07fbb62a335491ebbc1f7e16395af795c1895a

  • SHA512

    fd29153b2c6f66b0ab21d18bfd432c04438c14ae7e76631b95a4a379a2e2271486ffb0a70288835d8c1181503425e7e1776e22c540ff2011b618765dcd1c5c4f

  • SSDEEP

    49152:yr0T+ZBQHsCXbRClTRjcYq9XVYWrUr+MY5OXrWcshR:yusiVLsl1YY0V4M5OXZsh

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\elxdrvr-fcoe-10.7.110.20-2.exe
    "C:\Users\Admin\AppData\Local\Temp\elxdrvr-fcoe-10.7.110.20-2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2228

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\B7610C78\_Setup.dll
          Filesize

          369KB

          MD5

          9e940ad99131d82bb5a5fc1308e6bc50

          SHA1

          479bfe5c6f917652ca6e2c27e97a60c11c67643d

          SHA256

          f2bff14026af2ff82d2802b5bf6ef8854a7c70bacc1d9b82e6b26b705cbc71ec

          SHA512

          7888f8a2f738d3ef2befb881ccb0d70489e1fd88805645cb6e8045b541793aa3dd68f58d33d88d5801266f68c7cefbcb7fff64e1dd58ab04b6478cdc0fb53ea6

          Download Submit

        • \Users\Admin\AppData\Local\Temp\Tsu5B8F25AF.dll
          Filesize

          283KB

          MD5

          01d1c3bdadfd13a6e756f76bc33ffae6

          SHA1

          85588b0536475e4fe1ab9ef65815328a292c9d2a

          SHA256

          26a4de054c579ab89f362f9dab5045dc0cd8707100ee0f917363d553f7890736

          SHA512

          e819c8e3668b5fc32890ff20f364ffef499e5c08bf9aa3cc5c5976d122705ab2418c16ec907194f16bf24e37d551064259df441350cea9d032565fc960454a1f

          Download Submit