Overview

overview

7

Static

static

3

a117703349...2f.exe

windows7-x64

7

a117703349...2f.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

TrustFighter.exe

windows7-x64

3

TrustFighter.exe

windows10-2004-x64

3

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-02-2024 05:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TrustFighter.exe

  • Size

    812KB

  • MD5

    9c8cab22bf643f761a79cf6fd1715239

  • SHA1

    ba9a6500f480a14a561b10f8ea623b741fdc6e7c

  • SHA256

    1d85f2f01d2121bc3c0a70e836b488728ef1e5bd6a658384d51cc81a5a07ba95

  • SHA512

    98142ca418d7b81a0b9b0e25845e8ec8250f00d7d094d1a626409358c2580bdac4d6670b645e962ed949bf17b76d6a6d3be61d0891b90b244cca7fff1112d490

  • SSDEEP

    12288:4m3PM69CGe11g95UoKvMLbxOmOm/c5y+Nkhv8pKg0gKMhEK5zl6KL9csinvchY7x:7R5eONOskgw5gxgKMhEnKLOsmvcAx

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TrustFighter.exe
    "C:\Users\Admin\AppData\Local\Temp\TrustFighter.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3056 -s 120
      2⤵
      • Program crash
      PID:908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3056-0-0x0000000000400000-0x00000000008FD000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/3056-1-0x0000000000400000-0x00000000008FD000-memory.dmp

    Filesize

    5.0MB

    Download