Overview

overview

7

Static

static

3

Keymaker/keygen.exe

windows7-x64

1

Keymaker/keygen.exe

windows10-2004-x64

1

polyview4.36.exe

windows7-x64

7

polyview4.36.exe

windows10-2004-x64

7

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-12-2023 22:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    polyview4.36.exe

  • Size

    3.1MB

  • MD5

    18cfa60411c61ee5b2ce62b9b8d3c192

  • SHA1

    0d7cadba4e83f0fbf3acbddcb60f167ab774a5ab

  • SHA256

    d0c88274a4e3ad86cb0cbb86bf819e183143ba8da3f50ac92b13d02eb6faa443

  • SHA512

    6f96214a286084449d9f3187f1aed0feb53cbbdb8d3de1126719325327db63c7e18ec8f19ccfc5463863b9f3faeb269e434bca494e0541635cfc8c215c7e82b7

  • SSDEEP

    98304:NgfVbKJjc9yvuZ404AS1cmUVNcswtZWO+IANNYYJ:NgfVbK69yvuW04/XUTGZ9+IAcq

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\polyview4.36.exe
    "C:\Users\Admin\AppData\Local\Temp\polyview4.36.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Drops file in Windows directory
    PID:3080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\GLC446B.tmp
    Filesize

    33KB

    MD5

    13239c6e238996fa18e71e9e1be32d4d

    SHA1

    ac51c40b698f636269dddbd8352188d332ce9636

    SHA256

    7a20d9a0066d932bd31af69ec7775cf914675840ba75bd26b921cdeb64d27d72

    SHA512

    3b7bc10c3cdd5ad0faa6774f29d29d0ad38456f3443e289254d816ae02dc6c08a133a0fddee374ffa27b96274e2847eeaf67c2ab93dcc50113fc3e4ce83c388a

    Download Submit

  • memory/3080-10-0x000000005F000000-0x000000005F011000-memory.dmp

    Filesize

    68KB

    Download