Overview

overview

7

Static

static

3

979cb8cd4d...0c.exe

windows7-x64

7

979cb8cd4d...0c.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

xls2htm-cmd.bat

windows7-x64

1

xls2htm-cmd.bat

windows10-2004-x64

1

xls2htm.chm

windows7-x64

1

xls2htm.chm

windows10-2004-x64

1

xls2htm.exe

windows7-x64

1

xls2htm.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-02-2024 21:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    979cb8cd4d2266a8169bc0c97650550c.exe

  • Size

    539KB

  • MD5

    979cb8cd4d2266a8169bc0c97650550c

  • SHA1

    73fcd79be3b458679e419af47198360e8469ddcf

  • SHA256

    427a1720b7f9a7f46a6d7cb579b020c3ee2795ef3ce6aca2fa901ccdbecc1cd8

  • SHA512

    21bf23c3c440d19bda1a924c9bb9781ac287031c0ad11c2f760556c1abdd9db090124b16c4cf07b0c2eac91d89827f136be8a8fa693cffdd09e455d0d7cf75e8

  • SSDEEP

    12288:/gN/LenZ3YpuEhiQgX/wxc81VgP425/MsOHnfADXMr:/gJeZIpY78m4kCnfuU

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\979cb8cd4d2266a8169bc0c97650550c.exe
    "C:\Users\Admin\AppData\Local\Temp\979cb8cd4d2266a8169bc0c97650550c.exe"
    1⤵
    • Loads dropped DLL
    PID:892

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsc72E0.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsc72E0.tmp\ioSpecial.ini
    Filesize

    726B

    MD5

    c23aacb00587f2a697338947e2ab9dba

    SHA1

    2d689cb42b5b9ba4607c498247ef1a175e3f0f80

    SHA256

    09b3ebd070976ef1bacedee54907cf296767cff8452c31d5952de9aebc1e2955

    SHA512

    1a6657f5615365d392af2ee56b3d4431535f2bee5d850fa8b127cf2b77ce6cf86768a2535508ebc85cfc1cf6414558f5e3f755b7028db163158081c7ac9dab43

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsc72E0.tmp\ioSpecial.ini
    Filesize

    739B

    MD5

    a6863efbd82f727a4b483aee06956c5f

    SHA1

    2d51f11dd933d02edc2c273d414c5e6797ebde17

    SHA256

    0d58ae725de5e4d56a1945d1a76bc7f78c7e0d977608900245517777afadda1c

    SHA512

    46cd4ac8b84072c888612a338ef93a93565220c8aa57a172c11238ebcda5243cbc55f49a9c58a543a29c1d60202e311ec8ea0afd9ed700191ee313070b4776de

    Download Submit