a9fa357447186f9c23b5e5e97938f96d88ae892951b987af06e4a32fb0bbdfc9

Analysis

max time kernel
195s
max time network
204s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29-12-2023 19:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

025de082ba47b7ecadfc141cc7f234ac.exe
Size

5.3MB
MD5

025de082ba47b7ecadfc141cc7f234ac
SHA1

adff6ac5c86d0adc3e52ef13bab35a7dcb6edfe8
SHA256

a9fa357447186f9c23b5e5e97938f96d88ae892951b987af06e4a32fb0bbdfc9
SHA512

4aa2a1dbbe24098bb618b471ffa51ab397d6955cf778d6508367d0859ec989a58ff2dade5cf16ef66e7feedd08adb2c260677628a8898c58ed38cbab7b53e135
SSDEEP

49152:2lYvoGxUSJpXDd3334igWb2n8yIyiVPh74Gzqmf6aGgKqbvshL5lB6APyP9fnvG5:2sRXDd3334LXrwVegbk5yhLMj/H

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 2 IoCs

description	ioc	Process
File created	\??\c:\$Recycle.Bin\S-1-5-21-635608581-3370340891-292606865-1000\desktop.ini	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-635608581-3370340891-292606865-1000\desktop.ini	025de082ba47b7ecadfc141cc7f234ac.exe

Drops file in Program Files directory 18 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\7-Zip\7-zip.chm	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7-zip.dll	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7-zip32.dll	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7z.exe	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\be.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7z.dll	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ar.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ba.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7z.sfx	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7zCon.sfx	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7zG.exe	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ast.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\az.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\7zFM.exe	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\descript.ion	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\History.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\af.txt	025de082ba47b7ecadfc141cc7f234ac.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\an.txt	025de082ba47b7ecadfc141cc7f234ac.exe

C:\Users\Admin\AppData\Local\Temp\025de082ba47b7ecadfc141cc7f234ac.exe
"C:\Users\Admin\AppData\Local\Temp\025de082ba47b7ecadfc141cc7f234ac.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip.chm

Filesize
1.6MB

MD5
b744c34db15f50778694e8d4c62c1452

SHA1
a8e40e8cdaeda875743632a00d22985f0f826399

SHA256
193d5ad6a03305039f1358a90147ab6d238ef87cc276cde8754928c537333481

SHA512
106a75368f1f395bb499415d84e45a00d929c6881c98a42b741cbd377a5632503197cb97bca9f51061f9b8797bc1e9ceb570dafb228f3c4fadc0c3921931c118

Download Submit
memory/2044-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-1-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-5-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-6-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-10-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-15-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-19-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-24-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-26-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2044-31-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads