Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-02-2024 06:06

General

  • Target

    ffb7e0228d5212b01b82d48a1a058ada453228b70a0285e39822facefcc24e52.exe

  • Size

    174KB

  • MD5

    650c121ef770044b5b8533ec524b9c7b

  • SHA1

    958aff891948845f648041f62e42efd7d0fe5cbe

  • SHA256

    ffb7e0228d5212b01b82d48a1a058ada453228b70a0285e39822facefcc24e52

  • SHA512

    d6e2a19fabecdfb068be28bc342f50183bb145e07a6c52eb96d2ae114c4058a19a88491e7a46cc4e1c950d55266d06a0e14c9b5682e19e4b4e47d16a3b11f1e0

  • SSDEEP

    3072:T1E/rS2paccKntcpbdJIpIxqgnmQQrSQSTr:T1oneboIxuQsx2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL (1 IoC)

    The single dropped DLL is \Users\Admin\AppData\Local\Temp\nsy401E.tmp\nsisdl.dll (hashes under Downloads). nsisdl.dll is the stock NSISdl download plugin that NSIS-built installers extract into a temporary ns*.tmp directory at run time, so this signature reflects the installer loading its own plugin; no network activity was recorded during the run (see Network).

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffb7e0228d5212b01b82d48a1a058ada453228b70a0285e39822facefcc24e52.exe
    "C:\Users\Admin\AppData\Local\Temp\ffb7e0228d5212b01b82d48a1a058ada453228b70a0285e39822facefcc24e52.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:3016

Network

MITRE ATT&CK Enterprise v15


Downloads

  • \Users\Admin\AppData\Local\Temp\nsy401E.tmp\nsisdl.dll

    Filesize

    14KB

    MD5

    41f557e065b405f94d0ece8b5727233b

    SHA1

    c6d1704eefbdfe0a7d4a03c65acc70cdde883598

    SHA256

    9de492995d2180635aa3194b88ce6dd94e0c2b001af5952a73d4a84fbc32b6ab

    SHA512

    43b35b2366ba54593087c8c9127da5acc8efb45ebb84603138027692877173294b7478f8c6308ed9b168813c7b6d5f2b8dd261b75e58d0c97440baa4d0fbe493