Analysis
-
max time kernel
188s -
max time network
202s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system -
submitted
03/01/2024, 22:19
Behavioral task
behavioral1
Sample
3f2ae311584a2415bb360dd6cc39e3b4.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
3f2ae311584a2415bb360dd6cc39e3b4.exe
Resource
win10v2004-20231215-en
General
-
Target
3f2ae311584a2415bb360dd6cc39e3b4.exe
-
Size
2.8MB
-
MD5
3f2ae311584a2415bb360dd6cc39e3b4
-
SHA1
d0ea6a4be9dddd9bc96341526fd102cef281833b
-
SHA256
00c700d7c60373b51bc49a1a4666251cc04780af5c8df6d3488868266f441a44
-
SHA512
b7e106af0c57a452e68af2468f6a39acd4fd990b16ae1fa981af8b5b1f25fe644993d96288614fd500d7c19d961043c94cf40edecd9622efb8806a73f888a897
-
SSDEEP
24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91N:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0nJ
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/4360-0-0x0000000000400000-0x00000000005BA000-memory.dmp upx
behavioral2/files/0x0002000000022794-5.dat upx
behavioral2/memory/4360-15-0x0000000000400000-0x00000000005BA000-memory.dmp upx
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
2.8MB
MD5
ac8ef39cf4eb9ae6fc4cc893817b30f2
SHA1
4ade8fe84352a4cf414bfd2929cdbcf0d066766a
SHA256
143b39fca10534fc67a16936356b3b1393c68fd7ac9df57990d1072895b6b082
SHA512
b352f22c36d67c087856a65289225a643fbe50b48e41b18b5d6e87662447f19062f8658bbc4c5e595b6024c3b07df6e9717f7cf2137657665d8b0db8da0710fb