Overview

overview

7

Static

static

3

08b9c36bf3...3f.exe

windows7-x64

7

08b9c36bf3...3f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 00:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08b9c36bf3d729bc4090c40a0addd73f.exe

  • Size

    401KB

  • MD5

    08b9c36bf3d729bc4090c40a0addd73f

  • SHA1

    89e9cf69c7dd6615c26c3c1597eed6b561fc45e5

  • SHA256

    7983c61a4f0597ca22a69645d2565e5e949043bc9de4e48c532ddebebe2b5b05

  • SHA512

    77bcff958670e644c57fe1c38587664aa13fdd21794403778cc45c9f58fdb7ca9aa78d1b997711ed38753ea6f53724dfa3d732a007bb4a75498cdb9a1fd9137a

  • SSDEEP

    6144:5sck96kADhGLE1VhdJDV7I/nFC69Yj1jo3ktNNR/IL+81eXFODz8+pLaygEuxttw:+oGWf/DVinFCv1jEws+4e1W5uxttw

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08b9c36bf3d729bc4090c40a0addd73f.exe
    "C:\Users\Admin\AppData\Local\Temp\08b9c36bf3d729bc4090c40a0addd73f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2084

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nst83A3.tmp\Single_incr.ini
    Filesize

    2KB

    MD5

    f1b6568f3ed05eaf922fe2fd3e945969

    SHA1

    c275696f29f64259109a707508e4e2959116b4c7

    SHA256

    ee174d40f9ce9c1b30cdafd6d00e0f9c66f08dbd58c99b94e345479bf8e08d95

    SHA512

    c8437c5aca88e192a768bf79921ab37b9bf737c1e922f7c231b733513ec7bb0d41287ad43b6a4185aa296a7966ef22ab8520ec478c281f9e64aa46c206ee0d8a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nst83A3.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit