Overview
overview
3Static
static
3Temp/Setup/FB.exe
windows7-x64
1Temp/Setup/FB.exe
windows10-2004-x64
1Temp/Setup/JAV.exe
windows7-x64
1Temp/Setup/JAV.exe
windows10-2004-x64
1Temp/Setup/MCB.exe
windows7-x64
1Temp/Setup/MCB.exe
windows10-2004-x64
1Temp/Setup/SUMO.exe
windows7-x64
1Temp/Setup/SUMO.exe
windows10-2004-x64
1Temp/Setup/Setup.exe
windows7-x64
1Temp/Setup/Setup.exe
windows10-2004-x64
1Temp/Setup/StdWzd.dll
windows7-x64
1Temp/Setup/StdWzd.dll
windows10-2004-x64
3Temp/Setup/Tips.ps1
windows7-x64
1Temp/Setup/Tips.ps1
windows10-2004-x64
1Temp/Setup/VNukE.exe
windows7-x64
1Temp/Setup/VNukE.exe
windows10-2004-x64
1Temp/Setup/VScr32.exe
windows7-x64
1Temp/Setup/VScr32.exe
windows10-2004-x64
1Temp/Setup...er.exe
windows7-x64
1Temp/Setup...er.exe
windows10-2004-x64
1Temp/Setup...er.exe
windows7-x64
1Temp/Setup...er.exe
windows10-2004-x64
1Temp/Setup/VTJOOB.exe
windows7-x64
1Temp/Setup/VTJOOB.exe
windows10-2004-x64
1Temp/Setup/VcLoNe.exe
windows7-x64
1Temp/Setup/VcLoNe.exe
windows10-2004-x64
1Temp/Setup/about.htm
windows7-x64
1Temp/Setup/about.htm
windows10-2004-x64
1Temp/Setup/alias1.ps1
windows7-x64
1Temp/Setup/alias1.ps1
windows10-2004-x64
1Temp/Setup...es.htm
windows7-x64
1Temp/Setup...es.htm
windows10-2004-x64
1Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
25/12/2023, 13:22
Static task
static1
Behavioral task
behavioral1
Sample
Temp/Setup/FB.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
Temp/Setup/FB.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Temp/Setup/JAV.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral4
Sample
Temp/Setup/JAV.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Temp/Setup/MCB.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral6
Sample
Temp/Setup/MCB.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Temp/Setup/SUMO.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral8
Sample
Temp/Setup/SUMO.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Temp/Setup/Setup.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral10
Sample
Temp/Setup/Setup.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Temp/Setup/StdWzd.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral12
Sample
Temp/Setup/StdWzd.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Temp/Setup/Tips.ps1
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral14
Sample
Temp/Setup/Tips.ps1
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Temp/Setup/VNukE.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral16
Sample
Temp/Setup/VNukE.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Temp/Setup/VScr32.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral18
Sample
Temp/Setup/VScr32.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Temp/Setup/VTJBomber.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
Temp/Setup/VTJBomber.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Temp/Setup/VTJNuker.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral22
Sample
Temp/Setup/VTJNuker.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Temp/Setup/VTJOOB.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral24
Sample
Temp/Setup/VTJOOB.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Temp/Setup/VcLoNe.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral26
Sample
Temp/Setup/VcLoNe.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Temp/Setup/about.htm
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral28
Sample
Temp/Setup/about.htm
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Temp/Setup/alias1.ps1
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral30
Sample
Temp/Setup/alias1.ps1
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Temp/Setup/aliases.htm
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral32
Sample
Temp/Setup/aliases.htm
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
Temp/Setup/StdWzd.dll
-
Size
119KB
-
MD5
50ff6bdfe74da78d0c4450e38d7ff1a1
-
SHA1
eb1547e3f76fee5465dca79e1ee3babf89917754
-
SHA256
f27882f97040a3f193e81a022eb6d87c3ee621a0179005635af986a9ff3cc67d
-
SHA512
8118be1461f63484941989dbf9fc61def1ed974283722da00002f54cd8e4791cab15df7d4722eeed6249118cd2a24fbba1dfa7b5cfc2651e6ed0e0a96693bded
-
SSDEEP
3072:YF74Pv3bitETw9Hn2qbCTx2CdS2CK4m4H9:YFI3b89HnBCTxJE2Tkd
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28 PID 2252 wrote to memory of 2032 2252 rundll32.exe 28