e76233312d02f911315b6773c2e3c54aa8039f5094bfa0424349df01f6b0eddd

Analysis

max time kernel
2s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 10:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SecuriteInfo.com.Win32.HacktoolX-gen.8580.822.exe
Size

2.5MB
MD5

69f8c79f902bd40b20e509e469b1d653
SHA1

fe7adcd9fb6f64d33ac789969af01a04586d51bb
SHA256

e76233312d02f911315b6773c2e3c54aa8039f5094bfa0424349df01f6b0eddd
SHA512

5d5abff529d7d55a98dd20eb75271fce2f6af35feabb0971db4ed017c188861b1f5fd8b85dd6df632fa5b88452910f8a4e07387800747259b0c1be6fc195cd4d
SSDEEP

49152:nILgiWfZWWfjntkFX3aNBoSji6F2akq7vaB9aLXcxt/6XKqCVLSi37:nfR1fjnqV6o3ak0SyLXcxJ6XKLP37

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.8580.822.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.8580.822.exe"
1⤵
PID:1192
- C:\Windows\SysWOW64\control.exe
  "C:\Windows\System32\control.exe" "C:\Users\Admin\AppData\Local\Temp\_O2Vh.CPl",
  2⤵
  PID:1508
- - C:\Windows\SysWOW64\rundll32.exe
    "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL "C:\Users\Admin\AppData\Local\Temp\_O2Vh.CPl",
    3⤵
    PID:1356
  - - C:\Windows\system32\RunDll32.exe
      C:\Windows\system32\RunDll32.exe Shell32.dll,Control_RunDLL "C:\Users\Admin\AppData\Local\Temp\_O2Vh.CPl",
      4⤵
      PID:5076

C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\shell32.dll",#44 "C:\Users\Admin\AppData\Local\Temp\_O2Vh.CPl",
1⤵
PID:3380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_o2Vh.cpl

Filesize
382KB

MD5
1ecc7f30495c90ae70750aeeca671eee

SHA1
9b673185ce0662f2f9bc38542d97c9aba53bd563

SHA256
62abcc7eb7b24835853b4c6835464d68abfe57f79bd0a9efc69cc74c651db0db

SHA512
7faf3fefff52845e0d259ffc518e3f70ea7cdf497766c2dfc1e417ed208510e35bde3531abc01d551fa4761e7e5adc3ac559b5f4a9b8944c9b90aaf2cbf66670

Download Submit
C:\Users\Admin\AppData\Local\Temp\_o2Vh.cpl

Filesize
384KB

MD5
a11550071c2e98c98865eb1992dc8f08

SHA1
094947a3880d22bf9f65f985aa13d195aa9fb3dc

SHA256
8889fa25def2c01b241a9638e99d5b33b2ac7f28d59a8420136a092b2eec1eb2

SHA512
78c7242c680638ccb3be7652dbfa33d0abb090046a05826bf6e98297307dd9d06243f893e364ef4d9fa71d13e2106755b7bb6163ad91e48848b5290fedc04564

Download Submit
memory/1356-24-0x0000000003510000-0x0000000003629000-memory.dmp

Filesize
1.1MB

Download
memory/1356-52-0x0000000003510000-0x0000000003629000-memory.dmp

Filesize
1.1MB

Download
memory/1356-14-0x00000000029D0000-0x0000000002B0C000-memory.dmp

Filesize
1.2MB

Download
memory/1356-15-0x0000000002B10000-0x0000000002C2E000-memory.dmp

Filesize
1.1MB

Download
memory/1356-18-0x0000000002B10000-0x0000000002C2E000-memory.dmp

Filesize
1.1MB

Download
memory/1356-16-0x0000000002B10000-0x0000000002C2E000-memory.dmp

Filesize
1.1MB

Download
memory/1356-11-0x0000000000900000-0x0000000000906000-memory.dmp

Filesize
24KB

Download
memory/1356-22-0x0000000002C30000-0x00000000033F5000-memory.dmp

Filesize
7.8MB

Download
memory/1356-21-0x0000000002B10000-0x0000000002C2E000-memory.dmp

Filesize
1.1MB

Download
memory/1356-23-0x0000000003400000-0x000000000350F000-memory.dmp

Filesize
1.1MB

Download
memory/1356-12-0x0000000010000000-0x0000000010278000-memory.dmp

Filesize
2.5MB

Download
memory/1356-19-0x0000000010000000-0x0000000010278000-memory.dmp

Filesize
2.5MB

Download
memory/1356-53-0x00000000002B0000-0x00000000002C2000-memory.dmp

Filesize
72KB

Download
memory/3380-28-0x0000000001550000-0x0000000001556000-memory.dmp

Filesize
24KB

Download
memory/3380-33-0x0000000003680000-0x000000000379E000-memory.dmp

Filesize
1.1MB

Download
memory/3380-35-0x0000000003680000-0x000000000379E000-memory.dmp

Filesize
1.1MB

Download
memory/3380-31-0x0000000003540000-0x000000000367C000-memory.dmp

Filesize
1.2MB

Download
memory/3380-40-0x0000000003F70000-0x000000000407F000-memory.dmp

Filesize
1.1MB

Download
memory/3380-41-0x0000000004080000-0x0000000004199000-memory.dmp

Filesize
1.1MB

Download
memory/3380-44-0x0000000004080000-0x0000000004199000-memory.dmp

Filesize
1.1MB

Download
memory/3380-46-0x000000007B900000-0x000000007B94A000-memory.dmp

Filesize
296KB

Download
memory/3380-45-0x0000000000F00000-0x0000000000F12000-memory.dmp

Filesize
72KB

Download
memory/3380-32-0x0000000003680000-0x000000000379E000-memory.dmp

Filesize
1.1MB

Download
memory/3380-38-0x0000000003680000-0x000000000379E000-memory.dmp

Filesize
1.1MB

Download