b2fe8d492ccd529c34b82ea02c642f8c8d6748da580c078e5a9d9b702a5566dc

Analysis

max time kernel
145s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
19-02-2024 21:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Setup.exe
Size

2.3MB
MD5

1934cd76e1e8caf9c6898ae733c0c3b4
SHA1

30b5adc64e7b1387407ab61aa0bdd3b4956166ac
SHA256

b2fe8d492ccd529c34b82ea02c642f8c8d6748da580c078e5a9d9b702a5566dc
SHA512

8a008c85158b111245efc6ca49ddca5c7f8e56e2016f3a5aa13a2c74aced774e07540a9abc11f9a632814b8d76f00d20fb998cafd4f194f235de858740db6de2
SSDEEP

49152:XBgabRqyIxlKuejJ7AHr68PCGVFO5prMRosp9s5rJb:XBDqyIxQjBwrCcM5pMosp9sT

Score

4^/10

Malware Config

Signatures

Loads dropped DLL 27 IoCs

pid	Process
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe
2452	Setup.exe

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\CompatibleIDs	Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	Setup.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID	Setup.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs	Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	Setup.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID	Setup.exe

C:\Users\Admin\AppData\Local\Temp\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Setup.exe"
1⤵
- Loads dropped DLL
- Checks SCSI registry key(s)
PID:2452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\ar-SA\IntelCommon.dll

Filesize
15KB

MD5
64bd605c042985c1d0a8c67729d34bc8

SHA1
cb0423a49753ce2ce68f7174f1b2245652207d6f

SHA256
9dcc12cf4697146628f3bf6fffd0a3af988551447d4b4cff5c9d6dc3c232b79a

SHA512
62a1168358659e43ff2353abd943f13e46bf5633526a8038b14d87843fc779de18ac684a8a16b0c0d77a2684981858028825c6b4103043e67f46238eccc9fbb8

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\cs-CZ\IntelCommon.dll

Filesize
16KB

MD5
e04c5a8c731ab56e8bb68572fb9e6dbb

SHA1
167128bede2fdb066edaf93a2198b28eaae8e398

SHA256
4843117186aa2c347e9dce6f78d4a4b1ffe77eed8b5b8f3c62af2db631d5c40a

SHA512
51b6012d560a6d52272366efe39fad91319283ef142b550908b6d60f47b06f8e56d833283518b0d17eaf05908682e07c69de1debfb17a04f85e418d31cc78130

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\da-DK\IntelCommon.dll

Filesize
16KB

MD5
d4d4fed88a5a52284a9dc1c59dd655c7

SHA1
f393b8d1423387b0c10304f804b6bee5dadfc90a

SHA256
87b349ebf9fd8c107daac7c54204cb827330660d37b53d06e9b2f387622503fa

SHA512
ca8bd1722e855b49e527e7a8e108ac7904d610de8ecbafffddf13cb4b190083e37c53a24c30ba4c036a105f8253f89f99496c9f994d1a82d65ee5c0f27b4f9ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\da-DK\License.txt

Filesize
35KB

MD5
b3a17d4db27302fc484df57639f79711

SHA1
4b5f0f53800b49e3acec9bc41f9b6e84d4a274cf

SHA256
e4dee3b0f026755f34b556e3a57fd0ff173c442a9628f24a9d0a4cf14d361765

SHA512
1cfeb2f7730e7470851959597095186a1f99f95beb610225965fedf65442e4d9420b8d4721b8efd374295bba3ea2c0de84d702a7bac9ff7abdec00718a0c5a12

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\de-DE\IntelCommon.dll

Filesize
17KB

MD5
473059aa78c2cf98b72b2ec891166d84

SHA1
1e8d62322f1a15f12b5ea292e9db8509482f874a

SHA256
762bdb9d4d98bf6fe1417e67610ede34ad0a532991542433785d9d279b096ac1

SHA512
9fa40c27b95753e39fa9ffe517defd9d4412f5a23e2329583b343415dd9ccae10974d5c66d4096fc4c8173dc976ab4d06df7dbc4968cdd172be2919640c53ef5

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\el-GR\IntelCommon.dll

Filesize
18KB

MD5
b79c751cbc8e036c8abab8c57e08d165

SHA1
e773d8bd4041f410317ed70d53b14f97a0467e68

SHA256
2f28aae16e89b3ddd311ccfb5de7d60c7ec5afd074510d4df498c704f62f3807

SHA512
8698e32df4f8aa2cc399a43878c0aef388da082bd2f79d4495091b88aabcc487ee155f27e6a0745860fdad21e104f959d6136195723293d5fe168d2a68f279b6

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\en-US\IntelCommon.dll

Filesize
16KB

MD5
183bbee140a469b0090853e2ea5e2b66

SHA1
c8d8f37499b77fa6225ade511e8924481c0a3c70

SHA256
ab3ea369a5083b4354e8c978a3f6a202ac8d2f01ff4ac323509cab35e6332674

SHA512
686b3759b720542e2d3b1e66e9b82a2053211689d60a830109a614643764cafcdc718be5e8804246fda6271c94546be2b9c328eb12672f915c9e3726af176fea

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\es-ES\IntelCommon.dll

Filesize
17KB

MD5
bcec2decf4c5dd9da2aeea60147ea32c

SHA1
1edbcab13a0c49390a317e5d581ee6daee7684cb

SHA256
0c13381abfc382a1d83f9e207e555ebf77eba35a078807bed0f6efc8f608afc5

SHA512
ec53936cd386122cdd0a1d036adafa0b03231df367f8a2e78a483e295362d877da93b1c3e16ca129828a334c63f481add60d6b83f0110ed319a5557be01f4ac0

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\fi-FI\IntelCommon.dll

Filesize
16KB

MD5
541a799f1107aaaffc1d6ef39c615766

SHA1
4f69d8c7ef0c57daae357871db7daef1256e7da7

SHA256
15bc042d61af139e46222775850dc32aceae92d90bff54036b137eef356eb308

SHA512
89fb3a78ea3f26e924a1a65d1e0349087574d0e384d084d3fc75ff5f6b2269df0b551ef16bfc7e670a9e9297e2b24d9d35595df3a485240520c00f5055cf440d

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\fr-FR\IntelCommon.dll

Filesize
18KB

MD5
13464e2b2d8e55ef8e316b82884cf9aa

SHA1
825a5b8ff513e80b244f82956d3404142441acd4

SHA256
34c95716b01ffe5fcd094a583bce2f0c0b38e04927bea0226102656c20ea099d

SHA512
dd114887379567be30075f1b23e71b9919c72512b4d23730526359123ff8cf54da9b081147c14ac1ec1d44f514174b220aad8f0aa90dde2d35728a1e14ccbc4c

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\he-IL\IntelCommon.dll

Filesize
14KB

MD5
36e8a9c009c2b8b8e7f3f09fcfb72a3d

SHA1
4a52332286481299c22c42646a9180ec96ea3cd7

SHA256
2ae923043cb58e495444948f812ec94155acb5416ecbdfb167ef18047d372032

SHA512
f93d6de047cbfaa6019fb5c7cf3f8e63b8a466f0e388bf2315fdbe79e14192d2a694ce1fd838b9c468cec8d3e7be7421fbf6a7a3ebcf081c6029e25631874d33

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\hu-HU\IntelCommon.dll

Filesize
16KB

MD5
314bf8eb946f2d06f5b8b28bd901550b

SHA1
d5b1ec8d7480cbffa4bb5ca787b5fbdeab9a43f0

SHA256
ed5dcfec16018b3b094537d624b0001809eea35bdd79deb186dcb09f5d3f3da4

SHA512
dc4c82ced391f7eb28650df14a6c279d173b1977707f5715bcd594208f58ea75788ff9d8be2dea4dc99ac4e3a863eae203ee738fe5816b33d5e112486c6e25e7

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\it-IT\IntelCommon.dll

Filesize
17KB

MD5
a5c95e01adfc30f19746c6f0beb0e971

SHA1
dff809bd415e0fcd5f91ee57ed4d26cb585b6757

SHA256
b41425d1bbaa17adfa90cb960f8a991f9606df6da6ef4d3a3257aa6b4f2b45dc

SHA512
cd0dd0b4b6faf1e598dc861c4ec93487851f7cd20c7fb16ce3303291413778ec4f0e5d7ad99f54f3f97c939643a8efd28dfaaf08bf68045ef3bce3b7410b95b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\ja-JP\IntelCommon.dll

Filesize
12KB

MD5
be01e7b65b441a088d3aa04dcd74ec0a

SHA1
4fd3598fa8b00f444818462bc022622c2a50757c

SHA256
00d13b036e74ba1844a8a0f403361e52d703f0e8ab41f873e5c72f25180c5d37

SHA512
5df3993e855ab9ee7c366fd9314852ae8fdb60051aec801d3b3e50566671440d8d5a57aa423460df49051d073db67de8695a4422b90df64e149742839c3e83e8

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\ko-KR\IntelCommon.dll

Filesize
12KB

MD5
d4bae5e84969776195fed58fc7f8c4cc

SHA1
33d9d86437f4d4a7984941e0097aae7defbed86c

SHA256
eee2b03e011e02794e67f43dfdf51e4653d9b504ff90985efe178bd977d012f9

SHA512
e3f39606c50431c7bc71345b6ea767bbd3ede58c3e7733de2d34787815ea580297aa84e7dcb775588756bd5ea343736a481e14da12943b37469ad0111b16d3bb

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\nb-NO\IntelCommon.dll

Filesize
16KB

MD5
371e5ae9d4f4f8f4b636a39d3f4bcbe9

SHA1
de21be1fe10660f07fc84f579068fbd54d469452

SHA256
52abfc18c356b0dc681cda1eee88f0f2f81a4bcde2f4c4810c395ee7cb24343c

SHA512
ba049289ff90f8a6c98f127e6b3091befbfe2c4e1f8582259c610278ebd44b23a381f4a138b1f08aabe1dc00b95f2d861c388238120d37cbbf10555e4bb287ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\nl-NL\IntelCommon.dll

Filesize
17KB

MD5
22020cd950c6fe819f2d6fb8adaf6944

SHA1
a87d2e08e9c7272adfb3b0be7596927330ae2d45

SHA256
ab7881d05b6ca12b8d16f67fded3d18dda24ecbfa084a4053a88b88d338d6ad5

SHA512
967ed44fe76f62c7b5f8a54b4a6e185e1098e811dd8485107535b8f1eb250654c8ad76899dc804b127ebbb7ac7e6f9d0c9546878939804354b8d2a20aff7161e

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\pl-PL\IntelCommon.dll

Filesize
16KB

MD5
f17d1fa25df4a333ef475dffca3620fd

SHA1
7c8f1bd6953ffe2f6db7749a371af4edb075ac08

SHA256
b01b305ae3ed134ed3caa450d0dfffca840673979d555239acb874710ba4ff9b

SHA512
677129b26b25fb1f92edd4c3e6d20c47c4ac6b6528733f9660a237b0d14bb95fca7dd79b65531eb8d447ebeef25c9de6f6525b0d8cd50a42b587652fdcef8cc8

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\pt-BR\IntelCommon.dll

Filesize
17KB

MD5
a9efe63c35755dc50814272ac3b14cc8

SHA1
9d445208050a4343c15a8a61198da69921e4705c

SHA256
cf618d0fecd88352d262ed1708f8cc8c7a2ee691c11797f924c1a64679d5e814

SHA512
1676fda351cc3a256e7dcc6cd8e5841cd8894f74779ac96a9cb017410020fd062899ce52f94d7d6a2f6867a961f3e7411f3103d6f59047a2964a7f98c6433bad

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\pt-PT\IntelCommon.dll

Filesize
17KB

MD5
4e966075c1a659e131f19a5a0f96e9f4

SHA1
c286a481efe0c7767be4baaf6efe5af602e9c246

SHA256
ea64f676a5da7dddd87254bad41253166cbb56066cee1671f17dda7c77bc4128

SHA512
5c1541c1850d0412e0dcb7409a6eca6f474f6279cda1fc51a741e501bef6c11c24246311831493b9c462153ec61987e5b607ea638bd41367902d74f542a1d851

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\ru-RU\IntelCommon.dll

Filesize
16KB

MD5
e23459cee297ac0db4f3347181db15e7

SHA1
cc0bf2cbb1bed06d8e08dde9990664fef96a56c4

SHA256
49c985b0da15ec07a00dc9f35e64a50c50a8192396929585c5c43847b63c2fd2

SHA512
f5d2676839ce0e17f205566975c33ba35b30a7a84e440caf2e5cc57146eadb223d18f43ca6b991fe65b1871058c0d7f6b67fe776ce89639077f36ae3896f5d11

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\sk-SK\IntelCommon.dll

Filesize
17KB

MD5
447dc58701494d2309b7e35bec8d3b7f

SHA1
33074d2a063f2941600d6f02b9ce5c3ce1a2c65d

SHA256
581d37bcbf6237f315bb14b6accaeff2b2d1837f49b9aee596f1702b53308fe6

SHA512
66fd535d5c1eea86cff4aba5a4636b33b134c887ebcad23ea63a5b65fae4bf66179414db4aa182868de28866aa74e54a113ee26fb5a13dd061d987995709ad39

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\sl-SI\IntelCommon.dll

Filesize
16KB

MD5
c25a1570eac8fc2af30f168a241141ac

SHA1
324eaf9434d17a2cd489f04c9d810e5e6cdeee4c

SHA256
9c6507fa4d52fb553e70bc8d15203dc7586fd6fb28e7fd9998de94573e5a8cef

SHA512
aa67bc0a389c7c3137586ba7817f19a5e5155130642ca8720cde416d2a77b61d130095a0c51af481b2a2e75a7e021cceb31c02b3a65d59956313e1a3f6af26e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\sv-SE\IntelCommon.dll

Filesize
16KB

MD5
6ff2bb3079a2e1c56fbe428bbee0c327

SHA1
0168eeed4277795c26b7077702f4a4b709c77124

SHA256
dbf75fbbf1c643a218e99769a265c52159414ff07ccef9ef8d9739a1e1002e36

SHA512
68ea9287b1b8a55caa7f034451907f695736b3cb317957820f076ceb2ab4886d2a22097012c74a7a57715e7a6df3a89a966dde7049ab770d574b4545cf0bcbb4

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\th-TH\IntelCommon.dll

Filesize
15KB

MD5
ead185215027bd5c7ca33ec73f529674

SHA1
fbbdf28dd8366016d9c6db23046c343578e7a109

SHA256
3bde78806e1216f5f8578863eb7b131ab6c29422dc2ca472f4dbc074cca4c97c

SHA512
a811cc47b60831ced3ad6392b12e432b0eaa204f94ab51976b92b3c3277e6caadeef31c7a7ad55b62e0e0f007c1c156783c83141d97ef101b0c887ffd2993106

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\tr-TR\IntelCommon.dll

Filesize
16KB

MD5
08e75114a82382636d54229ae7ba8413

SHA1
97f719a377bdcdf0bffdbabd62b69c93179a85c0

SHA256
e5330a38a8c5643b5850c9e77a4006cb3d443b46e105e9fe015ea8adfcf774d5

SHA512
2de56c9b070815c132d642fe6a4b0f51de78f8da9d8f78b36650e47d131eeb178845ca0f8a79106c8694d0eab8943fc16eafefde33c7adcc0fee599a78d8c078

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\zh-CN\IntelCommon.dll

Filesize
10KB

MD5
317a35a31f3c63c84d95713684cc58c1

SHA1
a3f0b594b13750ef31fe08714a99b6a071ea6594

SHA256
317a74ad9a5f907f15ca95131b4e1eb5875488e779444d28ce48670b8ffa8e5a

SHA512
7832aa77ae3f5cd9841d2ab4b9e37c098e71ba42cb4453e1fa16f60dd73997a3775693c713f50fbd937f8c3c829d0384cb002636051134c74104fa82e41ac8a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\IIF95D7.tmp\zh-TW\IntelCommon.dll

Filesize
10KB

MD5
3d7b0c192b1adfa6c01298b23826b7b8

SHA1
78b733deea4f21dc93cc84a7ea2c93b64df9341e

SHA256
3ecbc68c1d442af25c6fd1446200439851fd47734a4d12187fd89410344fbf37

SHA512
58087fcbeb0a2ac6f829c797029fd5fb6d87f7e4fe4de1d576892ee5a952105e99d901af8e8d3a2cfb4c41a5f0345245f6218610db6c3128fe6c8661919ad302

Download Submit
C:\Users\Admin\Intel\Logs\IntelSerialIO.log

Filesize
5KB

MD5
64db01f2540b451b24b2a27493577e63

SHA1
450b1a0396a3b72bde0e429f7994d00ffbbdde03

SHA256
0d04813213898d75b96c5508a998a9636b1b9f9291c6cf0c842e41159d0992d5

SHA512
d08c46862a477878eb9528724fe9d483c600afd5df3a4a48b68a33c697f9c51fa0f7e1b7d5f226ea9dc49b0a0da9ada8c28ff5bcdeb0b8435e5ed35277ede34b

Download Submit