Overview

overview

7

Static

static

1

Driver_Upd...up.exe

windows7-x64

7

Driver_Upd...up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-02-2024 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Driver_Updater_setup.exe

  • Size

    6.5MB

  • MD5

    cb055d7ddb5b500c5fcb0051428fc3cc

  • SHA1

    c98493f9809c8fd95fd8067a2f1cadf2ee4cead3

  • SHA256

    011d634221dc4de0498600568f37e27de35cfe60fc2c2b22c2aa87871fb10c0a

  • SHA512

    56e5a5c005fb25515971016251fbd6f0d6e2de674085c53491d0ab7e4fde8b0ca4ed9b41c4c835c43931bb74e62dd97be2d4f7d1897ef27c3a091c0a01a6bc1a

  • SSDEEP

    98304:NSi6xhRkehvxxdcVdCHTY5yed8G34okb36Ls5UKYA26NMYMRLeYEWkARq6N6T:AvRDVhcHCmTd7fkb36HrtFYUqC6T

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Driver_Updater_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Driver_Updater_setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1484
    • C:\Users\Admin\AppData\Local\Temp\is-8D792.tmp\Driver_Updater_setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-8D792.tmp\Driver_Updater_setup.tmp" /SL5="$D004C,5837648,810496,C:\Users\Admin\AppData\Local\Temp\Driver_Updater_setup.exe"
      2⤵
      • Executes dropped EXE
      PID:4524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-8D792.tmp\Driver_Updater_setup.tmp
    Filesize

    3.0MB

    MD5

    4947f753eb5c3b1aa3ce496a9ab30130

    SHA1

    20da210a244b611cc51f3167688b108fea890cc8

    SHA256

    1cb7131714f41d651792f15b48a128840c959a5190d076a7fee5fe8b8efe232d

    SHA512

    70407d838aadae2f1c5e9e10446787fed29b683a8374eedb834ee0b255524adf5d1cea6e641e859b14a5e4f8b3fec313f7f943522d144fa902eed6dd5efab4ad

    Download Submit

  • memory/1484-0-0x0000000000400000-0x00000000004D3000-memory.dmp

    Filesize

    844KB

    Download

  • memory/1484-7-0x0000000000400000-0x00000000004D3000-memory.dmp

    Filesize

    844KB

    Download

  • memory/4524-5-0x0000000002710000-0x0000000002711000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4524-8-0x0000000000400000-0x000000000070D000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/4524-11-0x0000000002710000-0x0000000002711000-memory.dmp

    Filesize

    4KB

    Download