Overview

overview

7

Static

static

3

fc9ccbf24b...6d.exe

windows7-x64

7

fc9ccbf24b...6d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/12/2023, 22:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fc9ccbf24b87a8af590fb50fb537056d.exe

  • Size

    469KB

  • MD5

    fc9ccbf24b87a8af590fb50fb537056d

  • SHA1

    3e1cfa8c4d06acf8344d0f04ea8cd86c0f0467b5

  • SHA256

    e20c193ebef3624848d428a84ac89bcc3a8e5dbb9ec2ac19156fe9b677ccb01e

  • SHA512

    2590d723e9e9392f87a42c4e359545a16ff019c25fa797a0fa45fc6fe51cb3a8a74a784c8ef24c03fe60909951c04091df9897aa198de3091a3a62bf06ff5ef6

  • SSDEEP

    12288:B8sa9uw2HuFybubDbQpJDwmUN1g38XZpYJORiFKPI6xB:BY2Sn+Dw/1bBPI6r

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 13 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\fc9ccbf24b87a8af590fb50fb537056d.exe
    "C:\Users\Admin\AppData\Local\Temp\fc9ccbf24b87a8af590fb50fb537056d.exe"
    1⤵
    • Loads dropped DLL
    PID:4076

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\BrandingURL.dll
          Filesize

          4KB

          MD5

          71c46b663baa92ad941388d082af97e7

          SHA1

          5a9fcce065366a526d75cc5ded9aade7cadd6421

          SHA256

          bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e

          SHA512

          5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\Math.dll
          Filesize

          66KB

          MD5

          b140459077c7c39be4bef249c2f84535

          SHA1

          c56498241c2ddafb01961596da16d08d1b11cd35

          SHA256

          0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67

          SHA512

          fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\Math.dll
          Filesize

          1KB

          MD5

          ce9709536d296bf5e3d67eea995f2c35

          SHA1

          767c81dfc8a3434c23eea095661758ce378f1d0a

          SHA256

          a5d31b2721e41eab16bbfd1a854efcce39213dc153d3eb5e8f088c63dd8e06f2

          SHA512

          35cb251157eb0ad45bebb83a152c7c60b22f8753f4334f671d4ea6a4b53faed1e6de7bd4be74aacc3c8d3206122aabce40c7e2ccb092fb51eae9694b1eb6944c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\System.dll
          Filesize

          11KB

          MD5

          c17103ae9072a06da581dec998343fc1

          SHA1

          b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

          SHA256

          dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

          SHA512

          d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\intlib.dll
          Filesize

          24KB

          MD5

          1efbbf5a54eb145a1a422046fd8dfb2c

          SHA1

          ec4efd0a95bb72fd4cf47423647e33e5a3fddf26

          SHA256

          983859570099b941c19d5eb9755eda19dd21f63e8ccad70f6e93f055c329d341

          SHA512

          7fdeba8c961f3507162eb59fb8b9b934812d449cc85c924f61722a099618d771fed91cfb3944e10479280b73648a9a5cbb23482d7b7f8bfb130f23e8fd6c15fb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\intlib.dll
          Filesize

          5KB

          MD5

          35999e59645508ddda219c10bc2e8a22

          SHA1

          913707a64ab756dccf714f5a74b610031902a46e

          SHA256

          84de92b9b6566dcf4b7eacf1ce61fdb804eb7e98ee20252e7609663a957370d8

          SHA512

          1c089ffc885b0a260e6448b48c4e29714946d5694b69c4315585bca95070b28aa2600d11c6ec92427698295cf74b94079f3b10030c471a02d86c4b46177289c0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso444D.tmp\nsDialogs.dll
          Filesize

          9KB

          MD5

          c10e04dd4ad4277d5adc951bb331c777

          SHA1

          b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

          SHA256

          e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

          SHA512

          853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

          Download Submit

        • memory/4076-58-0x0000000002A20000-0x0000000002A3A000-memory.dmp

          Filesize

          104KB

          Download