Overview

overview

7

Static

static

3

6fba3fa2f8...25.exe

windows7-x64

7

6fba3fa2f8...25.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22-01-2024 15:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6fba3fa2f868c8d6284521d18acafe25.exe

  • Size

    300KB

  • MD5

    6fba3fa2f868c8d6284521d18acafe25

  • SHA1

    eac967b375cd39ca8da6dc7e38fb797c66871fbf

  • SHA256

    50f9b0dd59e549256b11a3410c30a34c95c89e2b59c012966f1f73bfca32a5e5

  • SHA512

    e7e0f07e44f62f7f0d01c4ba4be617d42d0e56dc2ea94fe498383c0835bacfefa06892a2f43d90772cd398d2f66b7b3504ed0237a685eeaa693808b4c598dc7d

  • SSDEEP

    6144:krnBlRH9Oy6tq6JczwsIiPGyBrYtm/PoKowls743uqOudFq/1RA8/u:krnTRH9Oy6tNJ4wsrccgK96ClOD/1u+u

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6fba3fa2f868c8d6284521d18acafe25.exe
    "C:\Users\Admin\AppData\Local\Temp\6fba3fa2f868c8d6284521d18acafe25.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu20384DF0.dll
    Filesize

    267KB

    MD5

    d1ddd2bed23dd1e6a70855f5f7ba3e7b

    SHA1

    7c75eacc13fc2f225dfa9820ea306f6bbc891516

    SHA256

    e6f6af10a5d9496fda5f06b1dbc23f64ccda396b2fc219fd2464851edc003ba5

    SHA512

    d9647b1beffe978ef999e59417fbd6e9ce7fa7efbce690ce2039dd14bffbbdf8e18f56a529f1ce362a47b0b49121085afc6981e15b9177a3672e40de099369e1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{EF3271F3-56C3-4526-A7CD-1EE134D15305}\_Setup.dll
    Filesize

    217KB

    MD5

    ca438abb539572b5dbb95e34866c6987

    SHA1

    65c6294be3a09b4897033fb01463ee641127664b

    SHA256

    67ab505c4e4197c6b04b524bf1ff3b6946ab757febf3391e9ee87a8d879bdf7f

    SHA512

    c0d833819c8f3f74359bbe3310052178a66704269150df9ba01c25598c97c57eaf87da6e756af986593417a311b4bd0fcdd53d74022b703e1080b07220b2d24f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{EF3271F3-56C3-4526-A7CD-1EE134D15305}\_Setupx.dll
    Filesize

    43KB

    MD5

    82529b80e65e2ac831c33897fca7ae87

    SHA1

    bd943619cc1fa2f0ab014c6f11df0d02d30f577d

    SHA256

    9111bea2ddc2cf2c501254fd86f92beb72ab60db72e1352f34060f0fbce686d0

    SHA512

    f4121c39ae50c6bbd9eff9975214c472f0c661e1a44e98b539f6c05c29d536bc639d9cf1d3ec85314f659a6afa96657edbdd3110fa656c3804de48ef4aedbd84

    Download Submit