Overview

overview

7

Static

static

3

7d8d1d9b36...79.exe

windows7-x64

1

7d8d1d9b36...79.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d8d1d9b36d6e70c742c67aa3a7ffd79.exe

  • Size

    1.5MB

  • MD5

    7d8d1d9b36d6e70c742c67aa3a7ffd79

  • SHA1

    79b14c5f3b5840d4965bf111e62082285491793f

  • SHA256

    11fc87c03c005ecbd67a4b07ebee1551ad8e2df0946d50a2725c3bd96700f015

  • SHA512

    0bfe4c97423d23bbb0a6542b255d72b31f754dc930fad57cccc3e70efb801afdf97340a18253b1654cafcbf699ba96e8a037debde8286b5e72dea504bd09fd7d

  • SSDEEP

    24576:ZdLZ9BAfvmM5mEimnwn4u65m8u5vDXgXxHCllLfQ62KgO2bOcKpJA7D:XZ9mmPEimE65SrXQinl0KpJA7D

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d8d1d9b36d6e70c742c67aa3a7ffd79.exe
    "C:\Users\Admin\AppData\Local\Temp\7d8d1d9b36d6e70c742c67aa3a7ffd79.exe"
    1⤵
      PID:2076
      • C:\Users\Admin\AppData\Local\Temp\65ab4761\3aLZNAbr.exe
        "C:\Users\Admin\AppData\Local\Temp/65ab4761/3aLZNAbr.exe"
        2⤵
          PID:2964
      • C:\Windows\SysWOW64\regsvr32.exe
        regsvr32.exe /s "C:\Program Files (x86)\Webbiang\CmJyTyK.x64.dll"
        1⤵
          PID:1520
          • C:\Windows\system32\regsvr32.exe
            /s "C:\Program Files (x86)\Webbiang\CmJyTyK.x64.dll"
            2⤵
              PID:2948

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Program Files (x86)\Webbiang\CmJyTyK.dll
            Filesize

            394KB

            MD5

            cae6ea4eb95b6255ba2806381b1cd2da

            SHA1

            a2edcbd558bdfd67fd62f9492525fd64ea2c3c48

            SHA256

            ecb11842ebfc325b1ddb11b09065d7dab810086b9f06b8a6c50396636df45db8

            SHA512

            d791405fda9ccc7345081ddc5ed8d7b3f3fa4725032ef1ff05b41ed347a4ca13b2ecdd7519129e6a3f5b6bf3d2c92c472f828c7b23d5ea6f5bbe0f0612e3347f

            Download Submit

          • C:\Program Files (x86)\Webbiang\CmJyTyK.tlb
            Filesize

            3KB

            MD5

            8d10c52cfa044ccdcfff4e0b5775babd

            SHA1

            3b2c872ab3237d7b74377032ed7a5239c82df766

            SHA256

            af8efa41494e63e07553fed5bd5df73cf55c160de292ea2a2ee0568cf12e0156

            SHA512

            123d5af4dec8a370a1176fe50998be5a97d3bc46ed7dd9fa365f8f4fc669785b4ed3cb0b65b266095edd3dc3512a4a1d916c035d6184e8e134617502b90f9700

            Download Submit

          • C:\Program Files (x86)\Webbiang\CmJyTyK.x64.dll
            Filesize

            365KB

            MD5

            c6707835621943d877e06139ead82528

            SHA1

            4d60c389ccfc7836c5a2c29a54c406a385486f02

            SHA256

            1d11c221ea3b8108b9ffe514d0a03477d168b839be30acf4031482c34e1a41d5

            SHA512

            8c64d753502cef693228dc105a4b026f94424c108bf39fad849d6300ef71a62dea05a223d010eac7d30bf5ebf1817801703719dcba8b7e32525d4eece2de0254

            Download Submit

          • C:\ProgramData\Webbiang\3aLZNAbr.dat
            Filesize

            3KB

            MD5

            0d0aa82fb97cefe9430aa7a26c8c25dc

            SHA1

            5132c6cfbc4f789c4bfe719979d27aa31d4d1bbf

            SHA256

            4649c66be571443e0b38c09f83d4eb7aaebd518a1815accf0462d9f63781fdb1

            SHA512

            47c7c05fb90626cc798bd8275407fc83966b957084d3c81fc00c24d558bba33031522d9af4a4d44de7afba02b52a6091d6bb30cea031f0b7bc18a8e882d2bd71

            Download Submit

          • C:\Users\Admin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lcanibedmpbmagadfcdaempijljfgccf\1.1\background.html
            Filesize

            146B

            MD5

            ae6aa55690de65d4edd0d0a9995de4f3

            SHA1

            81593d8d54e04a26bf2f299c7ab1743cd5ab694d

            SHA256

            7c9de823d7d4c5b329de8c1707fba5f9efe824cd7cbcf7e8050c3d8a0374c0a0

            SHA512

            b975085a586fa2840a9ed9008e941158d60d33bbb0ec972324b65dd545c6dcb3fac3ee20adefd1841a292bc825bc81ec4c91b92c0c588d5fc5d00675674441f6

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\65ab4761\3aLZNAbr.exe
            Filesize

            92KB

            MD5

            5360cc35092cce654ec39ee3b31e995d

            SHA1

            7a16c586d74e9684faf0848d86386dc3ed87a66a

            SHA256

            2625e23dd5e539ede842e1f2ed71d3114f4bb47fa4601692ac32e5b02e0e3e49

            SHA512

            9e4d10239028962592d429ab3c3b389cd53dcd49e098272966e947b77ca8072aaa475b29e43a033cc727f525fb47b766a7b7b821a3767e0f9c2ad7553fef94c8

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\65ab4761\3aLZNAbr.exe
            Filesize

            275KB

            MD5

            edb9dbf8133a17c3d65365de6356327d

            SHA1

            b5f1417733f2e5b33bb9437a1a7af00d3727eb4d

            SHA256

            69b462e8a89df96cca5db05374844dc78667302220684708bb7e81ca9c61892e

            SHA512

            2448d9eb469b9d81c218d85c1d5b0dc6bd01398bd71eaa7e52a25f904621def3829c2012ab6d540a8efc0cf64e4afb1f8a9156a59491d99ce40f1c49b4bdf863

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\65ab4761\CmJyTyK.dll
            Filesize

            398KB

            MD5

            bf381640ddd159c500cdaf4455e709e7

            SHA1

            c0864cecfd1592aed4104b9abab76a2b7b9c9372

            SHA256

            4c38168a953341870e0e74d884817f8d482a6fd0de040726ce9ddee68db8c4e4

            SHA512

            b08b6add08c6cf40f338ce23300ace09ec2dd50c94d2faa77077f5d678b3299d73ced03be61700baeb77454338b493095f21c2e06f54f8c0600aae8c59f2079a

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\65ab4761\CmJyTyK.x64.dll
            Filesize

            321KB

            MD5

            2288df72ae7f3f93d3720d4fb3cf9c31

            SHA1

            04d2b1338786b64f85f5a9286f9d065b95b29f05

            SHA256

            3b22cfa5825034d4655729507f62aae309e25fd1b9594260b5cf082b90e1c991

            SHA512

            e99bdecc0b776a4e81304e136cad7d1e04787ebfb6afff30c9a55b6b5664c970ec2da271dcc21b8cbf5b5d0e9d42efe4f6468a35e086464209c99646a4520756

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\65ab4761\lcanibedmpbmagadfcdaempijljfgccf\manifest.json
            Filesize

            500B

            MD5

            c90fa6ad09b63683bf229fd8ec2bd06b

            SHA1

            e316d02174f28e00f4fbfa4d52788634ea69ccc3

            SHA256

            6a39dea945b06db9347ca12bbe96e08c7b882a1702507b5e442253a544d01bd8

            SHA512

            c4791e3bd424c30bdf0b2072c570a8f2d14d5c148762b14cb495ee093eb2ad0b0ddfc80596a744416ddf9c77eaec2e74f5f142901c7710820e2042400b8be97d

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.Admin\extensions\staged\[email protected]\bootstrap.js
            Filesize

            2KB

            MD5

            df13f711e20e9c80171846d4f2f7ae06

            SHA1

            56d29cda58427efe0e21d3880d39eb1b0ef60bee

            SHA256

            6c325461fba531a94cf8cbdcfc52755494973df0629ce0ee3fef734ab0838fc4

            SHA512

            6c51cee3bf13f164c4a5c9884cc6053cbf9db9701d34c07dc5761d2c047d3d1f7a361b32996a430107e9a4ce68a29149d747a84c76778a1e8780719a3d30470e

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.Admin\extensions\staged\[email protected]\chrome.manifest
            Filesize

            28B

            MD5

            2cf85414fe119fd56067c6d913b74504

            SHA1

            be240ca84735ffaec9abecfa369b4d9aeca918bd

            SHA256

            f854f0848c06c3a02945d4ce31a841bc60e7c451e13731c4d2b727badd99ee31

            SHA512

            938d4377d4fa46b3073f982dbe3f8223a1adfaf005c96cb153e5be76f10d694759ba050493e4f3c5a09c66a995c585caf138b827459ec871d44bd94edac07245

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.Admin\extensions\staged\[email protected]\content\bg.js
            Filesize

            28KB

            MD5

            694358fd13c91d0e4a484fa9565c74f1

            SHA1

            0f6083b02ba5fb9cc83f8de45a934eb7ef2ddc85

            SHA256

            f91e2cba3306ad5cb2ab3ec0139d36c2f877ca42d9d653c276841981f2cb8a7d

            SHA512

            f02663963a9f4a69a476841ae642b2ddd6920317f01069b6293467cc42e49fc8de5030ad685d5de0017db50d586a0082a32538b1a1643b90d2458748e48873ae

            Download Submit

          • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x7a5o34y.Admin\extensions\staged\[email protected]\install.rdf
            Filesize

            602B

            MD5

            dddd3ec05544e4f2f93b8da6e7944ce2

            SHA1

            a47a457743d36f56a318cb304a49509f8bf30edb

            SHA256

            877847f5e2fecca6efbac6a28c0791015871c6069ccd80ffb9e576f38c162547

            SHA512

            6b4be8541beaa27619e64c29d9878283eb9eb9a8db8e93c276b32e67af26cf2ff9007e5877edf55ae6c81477fbb658d3dc3e0df094c247426a7b62644b915107

            Download Submit

          • C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lcanibedmpbmagadfcdaempijljfgccf\1.1\GbxY7GNk2.js
            Filesize

            24KB

            MD5

            2181508befd5c441b927f69bfc13ab9b

            SHA1

            d1dc3d773baa6904d69039cbd5224a7d06ab9fab

            SHA256

            3c5b99194c6050d16cc5dd993a6d780738c14bd798b114674a4b65f9ee191837

            SHA512

            eb219ab82fc15bc7d9823653f995ae0eb4f67d8ee9e18f9bc9345f7db7ea115f4f2de57b4fcc5604ea824e2045bc1fac3d920ffcaf9a19b0fddef5772a97034a

            Download Submit

          • C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lcanibedmpbmagadfcdaempijljfgccf\1.1\content.js
            Filesize

            7KB

            MD5

            99eb93d415b2da8eb906d27ca48f6366

            SHA1

            f88a056284df3106a0cf16a6bc00158b4f1448e0

            SHA256

            c649be2927007956ffa106277f385b56d0496f0a0e1fe2c225c844631bfca6f7

            SHA512

            85996adbfc1a696befe6c51b89e2b1d4819995c8cd854998bd3b831f2d501deabd08ebded663ce4db6fede3898b1800c730c2824d1e5d33cfe1cad7ab65c9336

            Download Submit

          • C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lcanibedmpbmagadfcdaempijljfgccf\1.1\lsdb.js
            Filesize

            12KB

            MD5

            b97523ff8853730e0b05db278e8f6139

            SHA1

            05d1542717f5355f8e966f39c2320f16f51adeb7

            SHA256

            50e71d54a217ed61fe6a917d1597b9d5461e503b577708762de19fed7d3aeb1c

            SHA512

            058e7c13f164ac6b9ede59b16247558279b8b8fdafda7fbcb3cb208fb18d7b66f1acba161eab613c8edd1d550b1b28ff3dab221aa8711ead94463fc55707e32b

            Download Submit

          • \Program Files (x86)\Webbiang\CmJyTyK.dll
            Filesize

            400KB

            MD5

            fed466ca28b5f356c5ab424a4a26bb98

            SHA1

            06927af3ac450479935daf97e18b143aa03c2ce1

            SHA256

            ae2eed4153baf70953082518181b57fa0eb51fb52014921288af44817fb0a940

            SHA512

            1972d0614889ace8407c50790c6b1dab15a6a8d66ce9ad281cbd10b2626aaadb4a73aea271f96925d0073a7eb32b4873eb1a1a3a8d8855758279e57e06a2019a

            Download Submit

          • \Program Files (x86)\Webbiang\CmJyTyK.x64.dll
            Filesize

            381KB

            MD5

            598ad9caae2618e9e8662e4bcc57facf

            SHA1

            41af59384b9cdd733c100a7ee8a05b3125e12a22

            SHA256

            31ab0bd11376e4dc86f7e5f36646eb2c934a3782f06159cad5ea8f3eb7e7399c

            SHA512

            0b15533dc821d53739bc74ccfcbd46b456a7ec8df1e7c893cb326e461f82ac8b7b6bd065efc9b3569f642d71c7335e93e7113a493fd77f78d06d846435e6316e

            Download Submit

          • \Program Files (x86)\Webbiang\CmJyTyK.x64.dll
            Filesize

            310KB

            MD5

            315c8663ec33825d5e921ece899a0584

            SHA1

            560a3ea6798662597fb4a1b0a71d4f0e3a342a9d

            SHA256

            076434b7cc4c0b0f9675b441f3a8443acec8169da5e550376ef86d3cbdd99b21

            SHA512

            a6d77ffa4f5cb5c2d2efb66b9e0c5834437db6dca58973c882a04eb08fea8a3d9137b51e2a09df35b60e80c49360f835fff84f0b18710acb00ce3840e96546d9

            Download Submit

          • \Users\Admin\AppData\Local\Temp\65ab4761\3aLZNAbr.exe
            Filesize

            410KB

            MD5

            815b3303270ea4ce5a226f0e011f1bd5

            SHA1

            48f25ef0730e730beef43b38fd6fe456a57707a2

            SHA256

            fedf67cf9f7f72afb2de9cd6480dc56e54395cb8d933885b59a1f36adcd7cd70

            SHA512

            b3bd28a2afe3615cad2affab3bf1abc2c796db6a8dec88294e531358c57fc5c8349ea51cc4c1474fb41935244c5d5353c5ea752a517eb89e6b4e5617cc2a51f3

            Download Submit

          • \Users\Admin\AppData\Local\Temp\65ab4761\3aLZNAbr.exe
            Filesize

            381KB

            MD5

            0479730b770082ad3e95605d87be3e96

            SHA1

            ed7b4fd2dc32ad1c35e8d22f16df304989e1b2de

            SHA256

            cbac870d913eaa0f2777f1d25789928a079e8187233427fa0ad08e8ea279663d

            SHA512

            df9a2c158a1d9f27dcb8c25f3e2865e428e87e9ad3a02a81af294568ae4b474530c1c66eb074ea4cf3243bea068a025adb3bab1a5d5eb6f9fe998da1f9208550

            Download Submit