Overview

overview

10

Static

static

3

75025eb441...30.exe

windows7-x64

7

75025eb441...30.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

10

$PLUGINSDIR/nsWeb.dll

windows7-x64

3

$PLUGINSDIR/nsWeb.dll

windows10-2004-x64

10

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

10

$TEMP/Real...pi.dll

windows7-x64

3

$TEMP/Real...pi.dll

windows10-2004-x64

10

$TEMP/Real...pi.dll

windows7-x64

3

$TEMP/Real...pi.dll

windows10-2004-x64

10

$TEMP/gupp...nt.exe

windows7-x64

7

$TEMP/gupp...nt.exe

windows10-2004-x64

10

$PLUGINSDI...se.dll

windows7-x64

3

$PLUGINSDI...se.dll

windows10-2004-x64

10

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

10

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

10

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

10

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

10

$PLUGINSDI...SON.js

windows7-x64

1

$PLUGINSDI...SON.js

windows10-2004-x64

10

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75025eb441ba67a618493bea321c6b30.exe

  • Size

    2.2MB

  • MD5

    75025eb441ba67a618493bea321c6b30

  • SHA1

    c439441258e2a812944542cc5f3dfd934b6e68eb

  • SHA256

    2bcc5dfa32e627a0913c1a00e3c5cae1fc428c276d51c3abc26a4644d3c3a0fb

  • SHA512

    dc64d706970a9a1e3d12182e6986e6a46c70c98d0b163c9cd7ec2e3625815783eebda1e2a685f14fc63ba2f39e3323bbd4e0e4ff446c40a5e85db82a1bea9495

  • SSDEEP

    49152:dl1zj0je57rJ21xPBrNThjte/Vn6uYdJ6WZznO7t4uH4LcVfYFVcxwpG72DwNVj:v1zj0IUlThjSV6umJpznO76cVwiD

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\75025eb441ba67a618493bea321c6b30.exe
    "C:\Users\Admin\AppData\Local\Temp\75025eb441ba67a618493bea321c6b30.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nso1670.tmp\System.dll
    Filesize

    10KB

    MD5

    fe24766ba314f620d57d0cf7339103c0

    SHA1

    8641545f03f03ff07485d6ec4d7b41cbb898c269

    SHA256

    802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd

    SHA512

    60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nso1670.tmp\ioSpecial.ini
    Filesize

    778B

    MD5

    8384ac6f506e59ea715992b5843d9a98

    SHA1

    68f786f3f0f9ed8912f84526c715467996ac64b8

    SHA256

    a3187941f54c5f77c9063354a35bb6aa0912fed6b9456e388ec1267e52a2c97a

    SHA512

    f1d55ff303b73397d9640ce1dcf537916ce6e231fb16ec217a951a074a4bd8e8a0b7544d657c1e55f3b94ecc2e4b33233dd32151ddd91bb316053bfd8510a602

    Download Submit
  • \Users\Admin\AppData\Local\Temp\nso1670.tmp\InstallOptions.dll
    Filesize

    13KB

    MD5

    d765c492c21689e3d9d61634371fd861

    SHA1

    ac200933671ae52c9d5544d0e2e8e9144d286c83

    SHA256

    551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc

    SHA512

    9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f

    Download Submit