Overview

overview

7

Static

static

3

PlatinumHi...up.exe

windows7-x64

7

PlatinumHi...up.exe

windows10-2004-x64

1

PlatinumHi...ch.exe

windows7-x64

1

PlatinumHi...ch.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PlatinumHideIP2.0.8.6/PlatinumHideIP-2.0.8.6.Setup.exe

  • Size

    1.5MB

  • MD5

    d84b38f28f4782f1c182e99e5747bdf4

  • SHA1

    9a5ee9664ec5b123e332a8477786a460accd0b0d

  • SHA256

    01af7a1594f7d992bedce164cd03e58ba05a0c993da47308747c034746504a84

  • SHA512

    14f1211db452f0e82725e1729720eeca0d0f5b0c19d2d25dc34c68f46959c65dc608a063ca2f4c2e8c1138928b2294dcc94c53119384bf2bcfc8c9cdc23c6477

  • SSDEEP

    24576:9fSi/BTsku4wsEPY1aRZyUMneemxyE1z9eiQ3qYarrDwqIqXnLvUM3+wkPnLOf/:9fR1Pw01aRgVmYI+3eDvIsjkTG

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PlatinumHideIP2.0.8.6\PlatinumHideIP-2.0.8.6.Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\PlatinumHideIP2.0.8.6\PlatinumHideIP-2.0.8.6.Setup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2076

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsy143E.tmp\ioSpecial.ini
    Filesize

    523B

    MD5

    2ade05f3212a5aadd953666ea671a78b

    SHA1

    fdf86a52ec091fca8cc2655241b36e21ac201f32

    SHA256

    e5311920345c7f5a8504756b7ee2bd61ab3262615cd2399666b385b56ddabf57

    SHA512

    0a16e20400b266905dac03e5f7020e2927ebc830d804fdbfcc17c707f1e1948baa07805b1fa8c0419ec270eef4d2f742671252868346602d8311c2b813d37eb1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy143E.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    ec48a8204e1aed3d9a951cd92158cbe3

    SHA1

    0db29522e15448553b697b88b31a3d8392efd933

    SHA256

    3166399ed2ee296749aa412a4ec70807373b6349e9b94a7fcd97c3418f744f0f

    SHA512

    9b0ab63fbe4bf89ddf93e5fc6922cc95c0586e21dea945ce04065afd7957bd2472e34c909d356123346f62dee4c6d6077a0072810c91b61ad3df4c168cdb79d5

    Download Submit