Overview

overview

7

Static

static

7

7d5e096cc9...eb.exe

windows7-x64

7

7d5e096cc9...eb.exe

windows10-2004-x64

7

$PLUGINSDIR/extra.dll

windows7-x64

7

$PLUGINSDIR/extra.dll

windows10-2004-x64

7

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...ON.dll

windows7-x64

7

$PLUGINSDI...ON.dll

windows10-2004-x64

7

$PLUGINSDIR/sign.dll

windows7-x64

7

$PLUGINSDIR/sign.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    28-01-2024 15:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d5e096cc914cfdb84b8ed6e4df10ceb.exe

  • Size

    165KB

  • MD5

    7d5e096cc914cfdb84b8ed6e4df10ceb

  • SHA1

    bc87f3c769e4b9a7d87146d2e61ec6bfb22793f3

  • SHA256

    1395d70cf9785445d82091f8415b56e29ba9d5be89563dff4aadc0dafc6be808

  • SHA512

    d0752221f7a218078550843179cc8d9ca8ba107eb236a40614e54f6c2dc51e64c162b83feab219e3a6366b4fde3eb74e0a80ae239cce6ed77afc99745ad24e51

  • SSDEEP

    3072:o5BuYAVrgUCPnNl5WMixBBJUtgHggM0BoEAQsDRP600F+219V7gg:o50gUCRWM4BUWuZhDRPRG+a9Vt

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 13 IoCs
  • UPX packed file 8 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d5e096cc914cfdb84b8ed6e4df10ceb.exe
    "C:\Users\Admin\AppData\Local\Temp\7d5e096cc914cfdb84b8ed6e4df10ceb.exe"
    1⤵
    • Loads dropped DLL
    PID:2268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nstFAD4.tmp\inetc.dll
    Filesize

    55KB

    MD5

    44c61e6da6cc91ca3435010640fd4e04

    SHA1

    2165fb1209a9ee7d8f11a416e08d78e022962d3c

    SHA256

    2ee5f911ba4d1aac8af16f7eef7dc69b7382e7c1998d06f1d5590785a42e5a93

    SHA512

    18e838d7f095eb5d8dc62f5d75486926dd4b254d03afef05e1e3bce6808fae73b7a46afbf1a1dd14dcf52f1883db6c4c7a9b5d5dbafdfa3c12dd9562b3ef5bcb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nstFAD4.tmp\extra.dll
    Filesize

    32KB

    MD5

    ab83fde15027576dd5cdcf98e51e16a4

    SHA1

    7ff782eac9ef49875e7b922f5aedcbaf796b808f

    SHA256

    cb6be9cbec2d166d3625ed511408ae0264581e03a9c8e0d1e895002025f6a9f3

    SHA512

    74317a5149b3f81e5e592a9bb4633a1ddeea49340c4996dda5d3487b1317b8e4623b0421215b02992b0e775c0f39b5f63a4c36602c3deb0155f80a7bd0282420

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nstFAD4.tmp\nsJSON.dll
    Filesize

    7KB

    MD5

    78b913fcd04259634a5e901c616e6074

    SHA1

    ad5e1c651851a1125bcad79b01ccdcfa45df4799

    SHA256

    e3ce60666bb88c2412615ef9f432ec24e219532dee5cc1c7aebc65ed9ec94d59

    SHA512

    cbe07179dd93011f3d9a8f83541961ff34fb83d96658ac82a433ef0aa3399b183eaec3e6a49ec1c1e478d1eada2d3ebc78ffb1ae0574984ae66a7a9cab5d59e5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nstFAD4.tmp\sign.dll
    Filesize

    32KB

    MD5

    d30b6c8d2f38e6abbb2f39bac0808bc0

    SHA1

    f1bca6416ae0f4c52e5b076381c72b18472954d8

    SHA256

    1f2b4549129c1b98c5674fe363a0267376dfd623323c5815216043dfa7fe1f2a

    SHA512

    3bf03d839ffa04c1d5eeb89a6405820ab2eea3548050e730255df7e84dfc729157c0d5c7eceeead5e8e1f4aa23777fe78a5582f0772c85bf0f793dd245a887e8

    Download Submit

  • memory/2268-15-0x0000000074360000-0x0000000074378000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-60-0x0000000074190000-0x00000000741A8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-61-0x00000000741B0000-0x00000000741C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-59-0x00000000741B0000-0x00000000741C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-58-0x0000000074840000-0x000000007484A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2268-16-0x0000000074830000-0x0000000074847000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2268-51-0x00000000741B0000-0x00000000741C7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2268-42-0x0000000074830000-0x0000000074848000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-5-0x0000000074830000-0x0000000074848000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2268-75-0x0000000074830000-0x0000000074838000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2268-76-0x0000000074190000-0x00000000741A2000-memory.dmp

    Filesize

    72KB

    Download