6345439128253ecdc7b17796d405c8fad13b576c709737822381e346caa377f7

Analysis

max time kernel
146s
max time network
129s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 08:37

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

604c7e0a072e3218291404c80b4fa8e6.exe
Size

2.6MB
MD5

604c7e0a072e3218291404c80b4fa8e6
SHA1

a1ebe8a6299892cf1285c40e362614ec5ab7326d
SHA256

6345439128253ecdc7b17796d405c8fad13b576c709737822381e346caa377f7
SHA512

50e0956192dd56bbfea512b3cb8f4e854862111bc9b16d1244029234680934cf96cc96646c6d497fb17bf33bf4dbacce96edb06af1f28f81ab628a62e6b78bad
SSDEEP

49152:cImxDfN8NjwVfsULk2MIK5NKprAuHtxT3vMwPGlkOK/Ulnvjy/v:QVfiNjwVfltm5+rAuNJ3valUUFcv

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2728	ius_s32.exe

Loads dropped DLL 2 IoCs

pid	Process
3068	604c7e0a072e3218291404c80b4fa8e6.exe
3068	604c7e0a072e3218291404c80b4fa8e6.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3068 wrote to memory of 2728	3068	604c7e0a072e3218291404c80b4fa8e6.exe	28
PID 3068 wrote to memory of 2728	3068	604c7e0a072e3218291404c80b4fa8e6.exe	28
PID 3068 wrote to memory of 2728	3068	604c7e0a072e3218291404c80b4fa8e6.exe	28
PID 3068 wrote to memory of 2728	3068	604c7e0a072e3218291404c80b4fa8e6.exe	28

C:\Users\Admin\AppData\Local\Temp\604c7e0a072e3218291404c80b4fa8e6.exe
"C:\Users\Admin\AppData\Local\Temp\604c7e0a072e3218291404c80b4fa8e6.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:3068
- C:\Users\Admin\AppData\Local\Temp\ius_s32.exe
  "C:\Users\Admin\AppData\Local\Temp\ius_s32.exe" "C:\Users\Admin\AppData\Local\Temp\" 0
  2⤵
  - Executes dropped EXE
  PID:2728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\ius12.bmp

Filesize
84KB

MD5
32354dc3f9d52281732c5bed5accdc78

SHA1
99d4d4cf5403586fcdc2c0ba9912b495cfa2d659

SHA256
adcc72775c4b643b0a719041711bbb20a03c9815868d6e28f4132d307e5e48a6

SHA512
c49fe4d7fe21d9ff19638fef4f8ec8856e0ad15de88d26c1da8fce5017c30cdb85d9165019c0aabd9f8a4a6d15e135d96b131585f743d99daf6cfc33b299c4c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\ius_s32.exe

Filesize
148KB

MD5
068d8a4039a961782a48da7fa78c5a50

SHA1
32d9942a906da88cb8a9baf5572edfc58ff27de8

SHA256
b8079a0abffa852f3df33ddcb3b827da55d548a457d8d92892fcbfef55e624a4

SHA512
71ad8140bf5f061ba86282b2a608d0d1227457a79df1700124bb82a99aeac2d86990664142a96979eb70308eda684915d2a965bf9cb55c65d81d7790419e8fa7

Download Submit
C:\Users\Admin\AppData\Local\Temp\ius_s32.exe

Filesize
121KB

MD5
d6c4d90cc3bd8d9f1c859f3bfd102575

SHA1
3b893429ff293fb9a1a10d31a7fd37d4fe583a6e

SHA256
b9ab1e2770896005e343ce6fd04ce0f3d2d5f045b37d81098ce3bc5906667af4

SHA512
8e87d76fe74b3a7db21a2c0619dd6dffbe91193c277ec406ce2690746c4149d2897e2504d552d80d22abedae97e9a3842c541614572e4468cf2a347180ad41cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\setup.inf

Filesize
7KB

MD5
73b76adccefb5608a39da56469d41f26

SHA1
a781d19a4b0454becbf4cc9d18a892c582069bba

SHA256
c3d91a75fd1a3b93f025b287663eebe2b7cf4462d77fa1abf9cd53a2ff1eb43a

SHA512
20f7e9917819af6b5c20a871a37c3d6d3842627b507c479644b99063db13613b3a31333ddb64065761dda76a374d82f9e356cf0e58cda25b3e188dacfefafaa9

Download Submit
\Users\Admin\AppData\Local\Temp\ius_s32.exe

Filesize
92KB

MD5
a2d0f664b068d7ad8caaefd1a3cfcc17

SHA1
8ba616e1add0cb7698c87011d28a2e9089d71f70

SHA256
4f291a7877de6e3becc1d71228e77a237485828e333c32d6c15057ef66e9f311

SHA512
df35e2f08916649bb584ad8c84f02732e0122940206824db0bd15cfd29698177c79925195cc9e41c9e666f961eef165838f71dd0e4b29003de63e571720c7a72

Download Submit
\Users\Admin\AppData\Local\Temp\ius_s32.exe

Filesize
62KB

MD5
92f63e23969b792131331044fe016dfc

SHA1
2091ecc55a6b79a1ad16acc8d1683ac5f999599b

SHA256
8d83de57487b97dfc756dfaa57ce5e4a876e1c596a84b6915399bef1a0cbc02f

SHA512
cae6aac1232c17852f19e2c3332f054ecadd4f2f2a482323bc664790d4888508f66238dae2d7103af48d5cfdaf51d2d6f8489d52747b0bd7f06ccee3110a1563

Download Submit
memory/2728-25-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2728-29-0x0000000000400000-0x0000000000478000-memory.dmp

Filesize
480KB

Download
memory/2728-33-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/3068-0-0x00000000003A0000-0x00000000003A1000-memory.dmp

Filesize
4KB

Download
memory/3068-28-0x0000000000400000-0x0000000000446000-memory.dmp

Filesize
280KB

Download
memory/3068-31-0x00000000003A0000-0x00000000003A1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads