Overview

overview

7

Static

static

3

846ac24b00...5c.exe

windows7-x64

7

846ac24b00...5c.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

True2Scan.exe

windows7-x64

6

True2Scan.exe

windows10-2004-x64

6

True2ScanCL.dll

windows7-x64

3

True2ScanCL.dll

windows10-2004-x64

3

True2ScanCore.dll

windows7-x64

3

True2ScanCore.dll

windows10-2004-x64

3

True2ScanLaunch.exe

windows7-x64

3

True2ScanLaunch.exe

windows10-2004-x64

7

True2ScanUp.exe

windows7-x64

1

True2ScanUp.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-01-2024 12:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    846ac24b003c6d468a833bff58db5f5c.exe

  • Size

    904KB

  • MD5

    846ac24b003c6d468a833bff58db5f5c

  • SHA1

    6077e3513a094de50ce3ce3876c105136120e7f3

  • SHA256

    da51aca27777c2fd13be2e099f6657b7815633bbbfe3240b4d8ed171867786ad

  • SHA512

    5e2f59f8eb47f238079fdd49bb6c64686713b93ef0d4b4cd790d56146372bdde7edd1d11ee12b72b5fd4324a783c504fa34ce745396080b1286ff44d2a481a58

  • SSDEEP

    24576:/dUJ2yQo0enW8B332oQE1dISPMg4Bji51rsHfiFLXa:/dU1QoTT3WyPMrBjMpZLq

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\846ac24b003c6d468a833bff58db5f5c.exe
    "C:\Users\Admin\AppData\Local\Temp\846ac24b003c6d468a833bff58db5f5c.exe"
    1⤵
    • Loads dropped DLL
    PID:4980

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsi6786.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    0dc0cc7a6d9db685bf05a7e5f3ea4781

    SHA1

    5d8b6268eeec9d8d904bc9d988a4b588b392213f

    SHA256

    8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    SHA512

    814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsi6786.tmp\ioSpecial.ini
    Filesize

    658B

    MD5

    6c9462a5fd237b6bfca5b470db7338e5

    SHA1

    7a4b947340cdd4df9daaf562a0204a17577d0f56

    SHA256

    266e3c314126f98e56177d691fe854bb3e5e17ef6efe93e29e85a1c1967526b8

    SHA512

    147845c48e4182faa7468261f6e06820c19ef8719df42cbb3eab83bedd233ec1e41058900be1d70551c3c195221949615709d9e2b246a0fa3315d87ff79827ce

    Download Submit