Overview

overview

10

Static

static

10

IFProtects...ts.exe

windows7-x64

6

IFProtects...ts.exe

windows10-2004-x64

1

IFProtects...s2.exe

windows7-x64

1

IFProtects...s2.exe

windows10-2004-x64

6

IFProtects...ut.exe

windows7-x64

3

IFProtects...ut.exe

windows10-2004-x64

3

active/WebUnion.exe

windows7-x64

1

active/WebUnion.exe

windows10-2004-x64

6

d86645adc1...sm.exe

windows7-x64

1

d86645adc1...sm.exe

windows10-2004-x64

10

d86645adc1...df.lnk

windows7-x64

3

d86645adc1...df.lnk

windows10-2004-x64

10

fgyjk/03F7...BF.exe

windows7-x64

6

fgyjk/03F7...BF.exe

windows10-2004-x64

6

wyanoc/Agghosts.exe

windows7-x64

10

wyanoc/Agghosts.exe

windows10-2004-x64

10

xiuxiu-/we...ss.exe

windows7-x64

10

xiuxiu-/we...ss.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    0s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 02:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d86645adc1cdc9e4ad55f0bb801525e5f08a4c52efbf8043ad4fffcfaa311cef/Document.pdf.lnk

  • Size

    2KB

  • MD5

    170121b443dfb94113e76d0a3125977f

  • SHA1

    a9d3e8971781a70cdf9fb03301b8b68299f3f8e4

  • SHA256

    de37f3b4aeeada22873dfb5fa074bd53e959fab38593ee22b8ab689fa767f8c8

  • SHA512

    81dcefa5a4fd8a91e64280d365f645e30eff332e08189d3e006c3722d1cae46a53ad3841b0db9bc2bf58b8dfd4b3287b4ac5a15f0df5948d3d0bf0ac5c3bd779

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\d86645adc1cdc9e4ad55f0bb801525e5f08a4c52efbf8043ad4fffcfaa311cef\Document.pdf.lnk
    1⤵
      PID:2896
      • C:\Windows\System32\cmd.exe
        "C:\Windows\System32\cmd.exe" /c start Dism.exe
        2⤵
          PID:2716
      • C:\Users\Admin\AppData\Local\Temp\d86645adc1cdc9e4ad55f0bb801525e5f08a4c52efbf8043ad4fffcfaa311cef\Dism.exe
        Dism.exe
        1⤵
          PID:2720

        Network

              MITRE ATT&CK Enterprise v15

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • memory/2720-34-0x0000000002500000-0x0000000002641000-memory.dmp

                Filesize

                1.3MB

                Download

              • memory/2720-36-0x000007FEFA6B0000-0x000007FEFA71C000-memory.dmp

                Filesize

                432KB

                Download

              • memory/2720-38-0x000007FEFA6B0000-0x000007FEFA71C000-memory.dmp

                Filesize

                432KB

                Download

              • memory/2720-45-0x000007FEFA6B0000-0x000007FEFA71C000-memory.dmp

                Filesize

                432KB

                Download

              • memory/2720-48-0x000007FEFA6B0000-0x000007FEFA71C000-memory.dmp

                Filesize

                432KB

                Download