Overview

overview

7

Static

static

1

SecuriteIn...44.exe

windows7-x64

7

SecuriteIn...44.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19-02-2024 11:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.FileRepPup.19713.21644.exe

  • Size

    9.0MB

  • MD5

    9a45ef375655d14709d0e5e7df9f6eef

  • SHA1

    0620a4d5d96f6be44e624459ba8ee0295ba1afae

  • SHA256

    3d5193bb3174aa37788892c74f80f5a0a03a11584f646349f24b081b9de834a8

  • SHA512

    40e84f5f7186f9c3edf10435c92e25f4508ab592bb53b2a2f3f636b19bfbbc989550d48275b26b1ca1443520e582ab80b003aacc53ae571f19648ea42d70d212

  • SSDEEP

    196608:lOKO8PqPHOr/igFkcS7fC8erZvWJuB12rTCZOBQu:lIo7DVMfveZvWoTKCZP

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.FileRepPup.19713.21644.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.FileRepPup.19713.21644.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Users\Admin\AppData\Local\Temp\is-BAO1F.tmp\SecuriteInfo.com.FileRepPup.19713.21644.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-BAO1F.tmp\SecuriteInfo.com.FileRepPup.19713.21644.tmp" /SL5="$E0154,8727020,791040,C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.FileRepPup.19713.21644.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-BAO1F.tmp\SecuriteInfo.com.FileRepPup.19713.21644.tmp
    Filesize

    2.1MB

    MD5

    676f48e38a62a75f41a2fc65f1f63eca

    SHA1

    ea1d20f485f5ff669261419d529a805686dfbe74

    SHA256

    e4cf8ba0c5394a3aa81b961916ab38869099424fb416c6bb25aa24162b4b2163

    SHA512

    92737792947c7dba7692e1f3c01708978d56cac59cadf719b603d79d945a24de89203ccb8fc24ee1071c2b51ca854bf8ad95a10617d547ef491eee2c83145e96

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-BAO1F.tmp\SecuriteInfo.com.FileRepPup.19713.21644.tmp
    Filesize

    2.5MB

    MD5

    08635d6224597e4ffb119ad80ab4e9f8

    SHA1

    d127794ec2aa0f49f9d9ebc0cad611628279306e

    SHA256

    448e2467ba017fb067143b1b1d4ed4b245c6d62badc3bade569e417fbea86b42

    SHA512

    464a794a4784f221d638a96c72a7661760167714bee67ae8c9e877bb91fd4cf1d3d2c6d7fd90a052595878397ef6bca0cadc4ca20284c58c28e68703d9355570

    Download Submit

  • memory/2152-1-0x0000000000400000-0x00000000004CE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/2152-10-0x0000000000400000-0x00000000004CE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/2944-8-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2944-11-0x0000000000400000-0x0000000000685000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/2944-14-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download