a1fb409b7cf3b6126e638bb570fa08d9b6333d80bcbfde940044f0148cbde1ab

Analysis

max time kernel
178s
max time network
190s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 05:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

07b4d9d62be9269ead5b2c123f0941eb.exe
Size

26KB
MD5

07b4d9d62be9269ead5b2c123f0941eb
SHA1

669edade86103f22413d2534a564c5f82d8f8dd2
SHA256

a1fb409b7cf3b6126e638bb570fa08d9b6333d80bcbfde940044f0148cbde1ab
SHA512

52654a10ad24f72148e76af14d1ca60b4dbe31fef3edac70e08a776abf3329fae440332fe23eb0b10836d34e11049a8a2c06318ac7713a6150485e05c4ab177a
SSDEEP

384:CRdCyNMqlWSmQmzNPKm4AyJTDEamisyU2AzFVp0Alx6vJ6h8xGeDd:2CyKqlbmQAVpGOFLv83R

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 4 IoCs

pid	Process
4244	07b4d9d62be9269ead5b2c123f0941eb.exe
4244	07b4d9d62be9269ead5b2c123f0941eb.exe
4244	07b4d9d62be9269ead5b2c123f0941eb.exe
4244	07b4d9d62be9269ead5b2c123f0941eb.exe

Drops file in System32 directory 8 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\bv.map	07b4d9d62be9269ead5b2c123f0941eb.exe
File created	C:\Windows\SysWOW64\bv.map	07b4d9d62be9269ead5b2c123f0941eb.exe
File created	C:\Windows\SysWOW64\bv.exe	07b4d9d62be9269ead5b2c123f0941eb.exe
File opened for modification	C:\Windows\SysWOW64\bv.exe	07b4d9d62be9269ead5b2c123f0941eb.exe
File created	C:\Windows\SysWOW64\bv.tmp	07b4d9d62be9269ead5b2c123f0941eb.exe
File opened for modification	C:\Windows\SysWOW64\bvdow1	07b4d9d62be9269ead5b2c123f0941eb.exe
File opened for modification	C:\Windows\SysWOW64\bv.tmp	07b4d9d62be9269ead5b2c123f0941eb.exe
File created	C:\Windows\SysWOW64\07b4d9d62be9269ead5b2c123f0941eb.exe	07b4d9d62be9269ead5b2c123f0941eb.exe

C:\Users\Admin\AppData\Local\Temp\07b4d9d62be9269ead5b2c123f0941eb.exe
"C:\Users\Admin\AppData\Local\Temp\07b4d9d62be9269ead5b2c123f0941eb.exe"
1⤵
- Loads dropped DLL
- Drops file in System32 directory
PID:4244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\SysWOW64\bv.exe

Filesize
969KB

MD5
acc8f3a6b18b34aabe703ed1f9235bbe

SHA1
877bb78ca5ea825511e81bfb04a051d6461c8344

SHA256
d1447e38363346d4f573464e770d1c63d3ec0db7cc7ff7af058008bdce458c86

SHA512
e235b02e054cd64e57b3331e33f948c4bf5c8b32858737c511a626eecc63e06116b274d6f0320a93b0484b4fa4fd7c8864b905e08cab3e7098c553df22728145

Download Submit
C:\Windows\SysWOW64\bv.exe

Filesize
835KB

MD5
99f33305864eb332432e0a115c2ece85

SHA1
5f43733adf9a0cdf5bc4d3f02c98e1bf23909005

SHA256
939195e092912a72ae72011e124e50cb8cf4654279358045c39b3302e9559df2

SHA512
696567f6f75197598ebb0c8d65192d424fb67dcce0cb1e2dabf23c9bac502584b4c9e3c559cf9c705f984933cb49c4c0cd214af359255cc75f7dbde239dcef53

Download Submit
C:\Windows\SysWOW64\bv.map

Filesize
3.5MB

MD5
fa9f487389c3514276a6e3c3b2b9b9f6

SHA1
8a1e8af27f6be28759cfabb189a4c63fa2096ee8

SHA256
f83fefa451a4f1f9589af590176a9236cfe48fc6ea83db67bf254a2e65ebb320

SHA512
60c081f55b5fd696bd9c30cc307c83e0edc6472b0baccbb7a787cea24ef8293dcfa8e65e7d9136fdc2882e6a8963ae7ca2f0140eccba3270df5bc049c45b8c58

Download Submit
C:\odt\office2016setup.exe

Filesize
168KB

MD5
bd3350464846341e11b8245adc654f8c

SHA1
594e3c8104dfbd543899d4ec2b74b2a04972bb5d

SHA256
3426a5f9b24a37c5159b25879cef638d51c246704fa9563918b6022ff5077214

SHA512
e997edfb680d5796d1f75d10c0d8244a07d9c63edf77d7d8e77a9b4fa1369f2233c74d3f21830c3c855c36f4b56c8bee4f2e4503daebb82c0b865ce894871677

Download Submit
C:\odt\office2016setup.exe

Filesize
258KB

MD5
08ce073fef5c864806f0d0c9a74445ff

SHA1
ce510a7583fefa7416e598a6aeb0b24f177d911d

SHA256
ed3989b08a109447173d777ec3ae094766085a09ab9b63a86489f20ae718728a

SHA512
7ed87d1b61c14bece42d5c895e62d588b03aa90b80200a314dd25b9b3f835a1ba1ed62a4c77cfdd91c0997f35da2dc7fe1b79461953d77c4a22f2a58f4267e28

Download Submit
memory/4244-0-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download
memory/4244-29-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download
memory/4244-32-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads