Overview

overview

7

Static

static

3

4c867998f4...fd.exe

windows7-x64

7

4c867998f4...fd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    08/01/2024, 21:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4c867998f4bfdf392ed056298679c8fd.exe

  • Size

    295KB

  • MD5

    4c867998f4bfdf392ed056298679c8fd

  • SHA1

    7bfa752e60376976fd64fb3206ef2c7e58c90511

  • SHA256

    17bae3d8cff8656e81753e82309425fb7a5221311e94c4320802fbee946d8dbf

  • SHA512

    340ccfd473c15f24ca29c1d35ed2dd2846e76c8779925375e69006c0a677001052833df40589a8224a7039ac7b70d1e257cb9a0a4eaf46726deffc7e16cadb56

  • SSDEEP

    6144:YrnLlRH9Oy6tq6JczwsIiPGzM/kjql9zmW5vkJFFwX4XTAtbmC:YrnZRH9Oy6tNJ4wsC84ql9j5voX8t6C

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4c867998f4bfdf392ed056298679c8fd.exe
    "C:\Users\Admin\AppData\Local\Temp\4c867998f4bfdf392ed056298679c8fd.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu4B99A8B0.dll
    Filesize

    29KB

    MD5

    16eacd733cb2d3971732eb9e251e8ea1

    SHA1

    b8d1a82fd80a005c65eab3cc0b6c8dde5e231ac4

    SHA256

    3c3f51326de6fd71421263c253f6c24e396a9e84b210ba8b76c10228a762ace6

    SHA512

    fb7a0b840c8d3e79baacb53124f4982c574035510e60c9ad955978db698f64e5ca4c42ab0572998764bee50fa7ae0021267846337dd2568c7dcf257fdbcecb9a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{7A949251-5205-4DFE-AF15-1A27A177B0A7}\_Setup.dll
    Filesize

    160KB

    MD5

    bcc95a315d4944321a6660b1c828f4bf

    SHA1

    8d6eadb976ec1c6a1946a787a517e2e5eb9b8214

    SHA256

    2b5d6dd4e7fa6130c2d49f95007309ce02a2860c583ba3ac8e360e073cd2a738

    SHA512

    0906b16328874b41c66efd7c4e58996c7d4bb74ae9dd8c9c355ac11cd2a4c4e40308bdd5077112f691567bb20211ac548ddae6c2922be53a5a824058d6ffbfff

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{7A949251-5205-4DFE-AF15-1A27A177B0A7}\_Setupx.dll
    Filesize

    43KB

    MD5

    c215b7a537c3d78b84542841ab0d2b12

    SHA1

    d88c3a4cadfa20a28eb6c0b198a33b243899073d

    SHA256

    c5885cc2f106faa6015dfc9730714b19bd2116c613bd10614ba358429c061044

    SHA512

    49415a7e0a2cad632f3c3045228c60cc49c763f31bfedcb53834859ad63f4042dcf87095198de245ceede153598a7c0f411890fb1cc55ac347e2f655895e9c20

    Download Submit