Overview

overview

4

Static

static

1

119.0.6045...up.exe

windows7-x64

4

119.0.6045...up.exe

windows10-2004-x64

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 12:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    119.0.6045.208_coccocsetup.exe

  • Size

    125.4MB

  • MD5

    eba755ed8e90232328f20dba3d6b0fab

  • SHA1

    62a901df2517546bb50b888bac102b1f63b8802e

  • SHA256

    ff8ee0cbd0226eae032b45d40135096bcbcaea7ec77192e9dfe4f5fd7587814f

  • SHA512

    1a4a05869c39ecb1a3009fe1aae8a29bfa1bfa744774e1f7b4c47fde401d1653660e4c7780ab7002ec24754d02bd75c89d7edec233d4e56b245c77ad1e690eab

  • SSDEEP

    3145728:RX3TNJDeh2i0WBvSPBVthkMHadTxaZD7jOBPV5AHOj:RXDNZeIiFZQztiMHadTxED09

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\119.0.6045.208_coccocsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\119.0.6045.208_coccocsetup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Users\Admin\AppData\Local\Temp\CR_42E45.tmp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\CR_42E45.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\CR_42E45.tmp\BROWSER.PACKED.7Z"
      2⤵
      • Executes dropped EXE
      PID:2284

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\CR_42E45.tmp\setup.exe
          Filesize

          1.4MB

          MD5

          ca650dacf83f864a6327d52ce45bf4ff

          SHA1

          572d9b5d74283239ac39d25acb0e74345c29cb93

          SHA256

          c0f893886663b6d7eb8d41c41ddea4671b9f54446bc0ec52ce8d05dd057decee

          SHA512

          8aaf6c1b62ec7873ddb9ad5539f0f9a3542e1f8c161bd4bf166246048d080ab75bf7ccbdd1745f010cbfb418c11928d199657f5ac06735ac25ddc7aff82d3d15

          Download Submit

        • \Users\Admin\AppData\Local\Temp\CR_42E45.tmp\setup.exe
          Filesize

          2.3MB

          MD5

          74f44611e8d6804335b2660b92cca5c1

          SHA1

          e07af6006581a1cbb016c534eddf9104ffaaf47e

          SHA256

          01477f678ef8134441629a8926ca6c7c0486b0c46195b6a410883a8fcbfc7350

          SHA512

          e1c2de73b89ed9643acfb608210a01114fc56a229de2795f90cbdc443e77c10bec72c8f33cb9465aefe239136bc45da27064dd42289cbe7fb01c37d507f685fd

          Download Submit