e002d5bbf4a98ac6d80a3a6277fe76b13b7ebdfdfb374495161180694886e6f2

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/02/2024, 08:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SecuriteInfo.com.W32.Backdoor.OGTY-3206.20752.7802.exe
Size

26.2MB
MD5

e15642b40008a827258873bfeea59407
SHA1

45d136f50d4fbd3d8a840d1a5f85c64718ac96c8
SHA256

e002d5bbf4a98ac6d80a3a6277fe76b13b7ebdfdfb374495161180694886e6f2
SHA512

23b506992687af0aa7aa65f98fc16c155f54dfe614b10b0855bc00be8c3c6f11e122f94b5dba2eed96195bde53d14c57b4b3d3d63e5b41af33770483c09bece3
SSDEEP

786432:Of6xp+5NBvQBHox396Fr6x/DiqLCZwXi6tIp:ONpRxtq65DTWRLp

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2364	SecuriteInfo.com.W32.Backdoor.OGTY-3206.20752.7802.exe

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.Backdoor.OGTY-3206.20752.7802.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.Backdoor.OGTY-3206.20752.7802.exe"
1⤵
- Loads dropped DLL
PID:2364
- C:\Users\Admin\AppData\Roaming\Thinstall\Adobe Reader 9 Lite\4000005400002i\AcroRd32.exe
  "C:\Users\Admin\AppData\Roaming\Thinstall\Adobe Reader 9 Lite\4000005400002i\AcroRd32.exe"
  2⤵
  PID:2820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Roaming\Thinstall\Adobe Reader 9 Lite\4000005400002i\AcroRd32.exe

Filesize
1.1MB

MD5
34ca5003ca31a6dd968b14af5ce5eed4

SHA1
8fd9a1030d45bcdb7650350ed6dac14b2bb0e0a7

SHA256
443efea07a1d3d3c22a73624837e7ef9fc7c67117c960a7a6029f5c778df8de7

SHA512
5707f1699864ec601eae9281c5d32e17e7d6f02335ab325ba16ea8fdf8e83981eb5c78fa72b5d3d4ca0ac12e4f03b0cdbc08bd4accb9c08e1a8871318b8817f5

Download Submit
memory/2364-11-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-23-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-3-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-4-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-5-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-6-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-7-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-8-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-9-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-25-0x0000000075AE0000-0x0000000075B80000-memory.dmp

Filesize
640KB

Download
memory/2364-2-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-1-0x0000000001DE0000-0x0000000001F54000-memory.dmp

Filesize
1.5MB

Download
memory/2364-0-0x0000000000400000-0x0000000000526000-memory.dmp

Filesize
1.1MB

Download
memory/2364-27-0x00000000760C0000-0x0000000076D0A000-memory.dmp

Filesize
12.3MB

Download
memory/2364-28-0x0000000077030000-0x0000000077087000-memory.dmp

Filesize
348KB

Download
memory/2364-30-0x0000000075840000-0x000000007599C000-memory.dmp

Filesize
1.4MB

Download
memory/2364-32-0x0000000075A50000-0x0000000075A55000-memory.dmp

Filesize
20KB

Download
memory/2364-34-0x0000000000400000-0x0000000000526000-memory.dmp

Filesize
1.1MB

Download
memory/2364-36-0x0000000075C60000-0x0000000075D70000-memory.dmp

Filesize
1.1MB

Download
memory/2364-35-0x000000007EFA0000-0x000000007EFB0000-memory.dmp

Filesize
64KB

Download
memory/2364-37-0x0000000003130000-0x0000000003255000-memory.dmp

Filesize
1.1MB

Download
memory/2364-39-0x0000000075C60000-0x0000000075D70000-memory.dmp

Filesize
1.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads