Overview

overview

7

Static

static

3

keygen.exe

windows7-x64

1

keygen.exe

windows10-2004-x64

1

objectdock...90.exe

windows7-x64

7

objectdock...90.exe

windows10-2004-x64

7

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-12-2023 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    objectdockplus_190.exe

  • Size

    12.8MB

  • MD5

    a1a0a489bdb092c2322cbe7cdbbe7252

  • SHA1

    4df3cd3b737d07d7607f4d386603a4edaca267d4

  • SHA256

    adfca3ccfa332b28f0849fd6bffd243830d40df0e09ed8ed9f9c95f07781325c

  • SHA512

    6b31f05ac01fd6e5c348ab8dc54de01a8f7a664d4296a86a7d3870757d3c11383707c12b7ad63d0e45239f10e35d034cab5fcaf18904ea987ee9aeef4836366c

  • SSDEEP

    393216:klDPp1dzuS4k8D5HuxfU54aetULd1ewwFt7yMk:kZFQLD5Huxf1aeIeww3yMk

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 3 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\objectdockplus_190.exe
    "C:\Users\Admin\AppData\Local\Temp\objectdockplus_190.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:316
    • C:\Users\Admin\AppData\Local\Temp\GLBCE8B.tmp
      C:\Users\Admin\AppData\Local\Temp\GLBCE8B.tmp 4736 C:\Users\Admin\AppData\Local\Temp\OBJECT~1.EXE
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in System32 directory
      PID:1112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\GLBCE8B.tmp
    Filesize

    70KB

    MD5

    fff3f34b0c4cd143acb033f8c42f86f2

    SHA1

    902f12aafd013273a6fedebf297c00a3c733ed95

    SHA256

    608bf21dcb944eadb9fd1fd59a3fc4d17b7e304b7b39896e0305168bd4626889

    SHA512

    2c31f6d3e4179358de4d10e00c4c2ce8af4375d4ba1d9bc1848fabb85e6c0511af4569688d7e9052e127507cca6a5e49ae1dbfd3326cfa6d334099fb364cc857

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\GLCE966.tmp
    Filesize

    157KB

    MD5

    fbd929bfc7b4a9e4fa4506655bab4c4a

    SHA1

    b4df84de80729a04ed90dc976a3e730a568f24f8

    SHA256

    adf8dea5d36b58cf621e2bb0c4549f94e0919308dd7cc1215d942417c45e54a4

    SHA512

    b310e79848dc2a3c6a4524e0b120e2e3dd73ecb6852c65a9eec368045f7bab0b141210726476dd3cb0c1d9008e1f34149f35c03a0156a9eef7d4a7fbc61ea1b4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\GLFAAC.tmp
    Filesize

    9KB

    MD5

    b9b41e50d612e00bf3a49a6405b89d74

    SHA1

    88063ee643c64f18fedda1890c717122634aedfd

    SHA256

    50e7a30e1825fab93b94b698c2c6d2cc1787b094c6cee53eeed5c497f77443c9

    SHA512

    b2486f526025095adc6767b5c2f85f80446db2b586e4dff376d74d44494f16d78a361dc944f3a10d8ad494b871a190e8c3f0e92eb27114be5d0b748e0da9c1ca

    Download Submit