Overview

overview

7

Static

static

3

Curriculum...na.exe

windows7-x64

7

Curriculum...na.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2023, 10:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Curriculum Vitae Silvia M Helena.exe

  • Size

    837KB

  • MD5

    b4fe0171652263b957a73f658ab54681

  • SHA1

    0213a8ad946040f0b3afec2f38d69b4057ef8875

  • SHA256

    f9b14ff098a68f6150bd3e40ded6710ce1a0a11962e5b198beb1bd3a7863a2b1

  • SHA512

    93bfb6570ab7e9f6ef0678873c809d1c1793d837d2d6f4072303acc48dc6ea7d4bd2bc2c8edb7b852f0614ab17406c1d084a72edfacfb02671684879ccc58351

  • SSDEEP

    24576:aMRXa6IHrvTfoWIdlK9UJldXa7GYfpBhtD/o:T+rv4dNHdXVY3o

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 4 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 56 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 9 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 15 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:3288
    • C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe
      "C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe"
      2⤵
      • Suspicious use of SetThreadContext
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:1796
      • C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe
        "C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe"
        3⤵
          PID:4428
        • C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe
          "C:\Users\Admin\AppData\Local\Temp\Curriculum Vitae Silvia M Helena.exe"
          3⤵
          • Suspicious use of SetThreadContext
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious behavior: MapViewOfSection
          PID:3236
      • C:\Windows\SysWOW64\where.exe
        "C:\Windows\SysWOW64\where.exe"
        2⤵
        • Suspicious use of SetThreadContext
        • Modifies Internet Explorer settings
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: MapViewOfSection
        • Suspicious use of WriteProcessMemory
        PID:3496
        • C:\Program Files\Mozilla Firefox\Firefox.exe
          "C:\Program Files\Mozilla Firefox\Firefox.exe"
          3⤵
            PID:1424

      Network

            MITRE ATT&CK Enterprise v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/1796-10-0x0000000007130000-0x00000000071AE000-memory.dmp

              Filesize

              504KB

              Download

            • memory/1796-11-0x0000000007250000-0x00000000072EC000-memory.dmp

              Filesize

              624KB

              Download

            • memory/1796-2-0x0000000005A50000-0x0000000005FF4000-memory.dmp

              Filesize

              5.6MB

              Download

            • memory/1796-3-0x00000000054A0000-0x0000000005532000-memory.dmp

              Filesize

              584KB

              Download

            • memory/1796-4-0x0000000005640000-0x0000000005994000-memory.dmp

              Filesize

              3.3MB

              Download

            • memory/1796-5-0x0000000005630000-0x0000000005640000-memory.dmp

              Filesize

              64KB

              Download

            • memory/1796-6-0x00000000055E0000-0x00000000055EA000-memory.dmp

              Filesize

              40KB

              Download

            • memory/1796-7-0x0000000005A30000-0x0000000005A4A000-memory.dmp

              Filesize

              104KB

              Download

            • memory/1796-8-0x00000000062B0000-0x00000000062B8000-memory.dmp

              Filesize

              32KB

              Download

            • memory/1796-9-0x0000000002CD0000-0x0000000002CDA000-memory.dmp

              Filesize

              40KB

              Download

            • memory/1796-1-0x0000000000960000-0x0000000000A38000-memory.dmp

              Filesize

              864KB

              Download

            • memory/1796-0-0x0000000074BF0000-0x00000000753A0000-memory.dmp

              Filesize

              7.7MB

              Download

            • memory/1796-14-0x0000000074BF0000-0x00000000753A0000-memory.dmp

              Filesize

              7.7MB

              Download

            • memory/3236-24-0x0000000001210000-0x000000000122F000-memory.dmp

              Filesize

              124KB

              Download

            • memory/3236-15-0x0000000001270000-0x00000000015BA000-memory.dmp

              Filesize

              3.3MB

              Download

            • memory/3236-16-0x0000000000400000-0x000000000043E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3236-17-0x0000000000400000-0x000000000043E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3236-18-0x0000000000400000-0x000000000043E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3236-19-0x0000000001210000-0x000000000122F000-memory.dmp

              Filesize

              124KB

              Download

            • memory/3236-12-0x0000000000400000-0x000000000043E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3236-23-0x0000000000400000-0x000000000043E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3288-52-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-66-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-105-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-104-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-103-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-102-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-28-0x00000000082B0000-0x0000000008397000-memory.dmp

              Filesize

              924KB

              Download

            • memory/3288-29-0x00000000082B0000-0x0000000008397000-memory.dmp

              Filesize

              924KB

              Download

            • memory/3288-30-0x000000000A620000-0x000000000A928000-memory.dmp

              Filesize

              3.0MB

              Download

            • memory/3288-101-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-38-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-39-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-41-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-40-0x00000000076F0000-0x0000000007700000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-100-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-43-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-45-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-47-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-46-0x00000000082B0000-0x0000000008397000-memory.dmp

              Filesize

              924KB

              Download

            • memory/3288-44-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-49-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-50-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-51-0x0000000007700000-0x0000000007710000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-20-0x000000000A620000-0x000000000A928000-memory.dmp

              Filesize

              3.0MB

              Download

            • memory/3288-53-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-54-0x0000000007700000-0x0000000007710000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-55-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-56-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-57-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-59-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-61-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-62-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-63-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-64-0x0000000007700000-0x0000000007710000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-65-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-99-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-67-0x00000000076F0000-0x0000000007700000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-69-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-70-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-71-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-68-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-72-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-73-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-74-0x0000000007E40000-0x0000000007E50000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-75-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-76-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-77-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-79-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-81-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-78-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-83-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-84-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-85-0x0000000007ED0000-0x0000000007EE0000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-86-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-87-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-88-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-90-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-92-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-94-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-96-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-97-0x0000000002C20000-0x0000000002C30000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-98-0x0000000007ED0000-0x0000000007EE0000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3496-22-0x0000000000AE0000-0x0000000000B1A000-memory.dmp

              Filesize

              232KB

              Download

            • memory/3496-42-0x0000000002880000-0x000000000291E000-memory.dmp

              Filesize

              632KB

              Download

            • memory/3496-37-0x0000000000AE0000-0x0000000000B1A000-memory.dmp

              Filesize

              232KB

              Download

            • memory/3496-27-0x0000000002880000-0x000000000291E000-memory.dmp

              Filesize

              632KB

              Download

            • memory/3496-26-0x0000000000AE0000-0x0000000000B1A000-memory.dmp

              Filesize

              232KB

              Download

            • memory/3496-25-0x0000000002A50000-0x0000000002D9A000-memory.dmp

              Filesize

              3.3MB

              Download

            • memory/3496-21-0x0000000000AE0000-0x0000000000B1A000-memory.dmp

              Filesize

              232KB

              Download