Overview

overview

7

Static

static

7

65f0553a2e...b6.exe

windows7-x64

7

65f0553a2e...b6.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...Vs.dll

windows7-x64

3

$PLUGINSDI...Vs.dll

windows10-2004-x64

3

$PLUGINSDI...ib.dll

windows7-x64

1

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...ig.dll

windows7-x64

3

$PLUGINSDI...ig.dll

windows10-2004-x64

3

$PLUGINSDI...tn.dll

windows7-x64

3

$PLUGINSDI...tn.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...up.exe

windows7-x64

7

$PLUGINSDI...up.exe

windows10-2004-x64

7

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$PLUGINSDI...ll.exe

windows7-x64

7

$PLUGINSDI...ll.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 20:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65f0553a2ec9233c4f97f996ce5f99b6.exe

  • Size

    2.6MB

  • MD5

    65f0553a2ec9233c4f97f996ce5f99b6

  • SHA1

    a6b379fcdf15ffe8a9a3ec5dbb94b53b294081a6

  • SHA256

    f910a13226f0cc0674db290c728e0474c91fffd6963e454f83d975014d4a785c

  • SHA512

    08cb478de87c0cfac440e7c26cfc9eb6297f098ec026e7f4ce011bad9f0a7dbc98ae475d55d5ff49ddc17941ca1052f6a6941364fafed454851498149acaf5b2

  • SSDEEP

    49152:CD9XRe1hHIiP8EeGx1jVpOzyex9CPIZJVa63c/SYX/1E0pnggAVK5JyjjXtdHc:CPexesBp1o9Djk51RAxvc

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 10 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\65f0553a2ec9233c4f97f996ce5f99b6.exe
    "C:\Users\Admin\AppData\Local\Temp\65f0553a2ec9233c4f97f996ce5f99b6.exe"
    1⤵
    • Loads dropped DLL
    PID:3928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsx4DE2.tmp\GoogleTracingLib.dll
    Filesize

    36KB

    MD5

    d8fca35ff95fe00a7174177181f8bd13

    SHA1

    fbafea4d2790dd2c0d022dfb08ded91de7f5265e

    SHA256

    ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c

    SHA512

    eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx4DE2.tmp\IpConfig.dll
    Filesize

    118KB

    MD5

    a75e3775daac9958610ce1308e0bca3b

    SHA1

    d83ce354cde527c2e20fb425415f6d4795dd4cd4

    SHA256

    fe2093ff4bfa1d7259c922aca1e7bb219c4d234e469942446d9e2f8086b7d720

    SHA512

    48168a91ec90df262b1e158f32b4bc2a6d6ce10022eb96d4a6f3c755b977e5c104558626adaa214bda29d7f1d246f19e2df59b9a338982aa1c623e1bdd5714c6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx4DE2.tmp\SkinBtn.dll
    Filesize

    4KB

    MD5

    29818862640ac659ce520c9c64e63e9e

    SHA1

    485e1e6cc552fa4f05fb767043b1e7c9eb80be64

    SHA256

    e96afa894a995a6097a405df76155a7a39962ff6cae7a59d89a25e5a34ab9eeb

    SHA512

    ebb94eb21e060fb90ec9c86787eada42c7c9e1e7628ea4b16d3c7b414f554a94d5e4f4abe0e4ee30fddf4f904fd3002770a9b967fbd0feeca353e21079777057

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx4DE2.tmp\System.dll
    Filesize

    11KB

    MD5

    ca332bb753b0775d5e806e236ddcec55

    SHA1

    f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f

    SHA256

    df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d

    SHA512

    2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx4DE2.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    904d8313031ac05e2bac3dd329828833

    SHA1

    6c8322f76e5c38bc24b0bcc057a510c92ec40b43

    SHA256

    a7c5516478ab02b5d6c1684b3c2b31ee03331712bcd9f9a8ef8309d2b72c8ec4

    SHA512

    9d524ebc965f224e1a16f537f71df0963c586fd548cb9a901f8afb1951416dd656d5493cc5e304157dfa6d70d69bcd4c5a5b140fceb3736548e71fe7086b6de8

    Download Submit

  • memory/3928-45-0x0000000002B40000-0x0000000002B67000-memory.dmp

    Filesize

    156KB

    Download