Overview

overview

7

Static

static

3

6c1faa5c62...c6.exe

windows7-x64

7

6c1faa5c62...c6.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06-03-2024 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c1faa5c62048ee4f4a189800932c9c6.exe

  • Size

    3.2MB

  • MD5

    6c1faa5c62048ee4f4a189800932c9c6

  • SHA1

    773182afd9a8a721e8e1eb07affbddbdbb4a26a6

  • SHA256

    7be09d9db347e78624a5fb16659f54ede30d7294baeb57bbe7459f90a2d8ecd4

  • SHA512

    3a3706c6d7c0b36d89e863fd8ecdee586ac81848688434fa6bdabab08a9605e6d56a5dcc5fbe9d41d4dbb44aa19f096ed64c96eaa52fcdcf65c91902918a3a19

  • SSDEEP

    98304:7PVcsxxMFqbzI03I5fNewbLGQ1iZLy/n:7faF+zI03IWw2zen

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 15 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c1faa5c62048ee4f4a189800932c9c6.exe
    "C:\Users\Admin\AppData\Local\Temp\6c1faa5c62048ee4f4a189800932c9c6.exe"
    1⤵
    • Loads dropped DLL
    PID:1524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\03131a0b1bf5498f874e6acca48844e3\Cwd.dll
    Filesize

    9KB

    MD5

    03131a0b1bf5498f874e6acca48844e3

    SHA1

    4cc312f2deea111e776cb6817e96ec36c312ba37

    SHA256

    3266378ca7cc86f510d3b682d05a61fe1f9fb75289e719e7735dbd2e03bb152d

    SHA512

    0f8eedafcf6f653aa72859ce22a79aaab61b8bd0d4ca86803ae4a1bdde4d3d86473f1bde0502ed4bf5165ea95d2a637717ea5ba9f433e73c0e33e07c9ce83ab9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\042ceae155e3938a7686992b6c36226c\Dumper.dll
    Filesize

    28KB

    MD5

    042ceae155e3938a7686992b6c36226c

    SHA1

    a743f4a090681f2c107f7475bcefda842f96c94e

    SHA256

    0e75e1f56a31ab8ad56126e21ff35c14a8cc931acea9fd8fe72a2074e155df05

    SHA512

    3ad40e29cb8ec2fd207d6d1ed56f5f4a74695920f2778fc3643c73ec1702ddc861f3c0f220ff55f8d66f8778d97d779feb0d098a4776bd3ca368ca1328505a3f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\132b837f66d3b9635a475d1dbde5167d\Fcntl.dll
    Filesize

    14KB

    MD5

    132b837f66d3b9635a475d1dbde5167d

    SHA1

    fabef6afca0d679453caa64a96306b62a031542d

    SHA256

    e5580bcc0f0644afa15a663ce4a281a5f271f87c8d73ab6630fd5ac9f3915bcb

    SHA512

    b8d88be1603228c98c7c00f0a9932890bdc43e99a91ae1d3c6a68cf1a9acefadf2ea863532a92e828c037a5fdb8ad2ddbb21de8329e3dcace2353b143fce5366

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\1edd7ab8e409d5ac540aee9a9a858a69\Bzip2.dll
    Filesize

    75KB

    MD5

    1edd7ab8e409d5ac540aee9a9a858a69

    SHA1

    1dcc76ca379d593e4fa6ea6ad1134f081871fffe

    SHA256

    f16f33b476051b8220cc3fcec9b738919bcefea400f35b03a1786766e6c4a502

    SHA512

    bb45ce675daa32191e90d90fb402ecdaf768dfc705a2adcd2a60956cf5c80d887382048a6ef269665ef989a3d94895e37395434ed2460de6f993fbca370aeed6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\367c6bcd6c81ed7f4983e7e8cd89eee8\Zlib.dll
    Filesize

    110KB

    MD5

    367c6bcd6c81ed7f4983e7e8cd89eee8

    SHA1

    154c4b0e46e56c6628c7f84d21274b3c3726c700

    SHA256

    4bbe04d3f385c6874753c1a8eca670e2e66ccde5f44231fdb46cf8a47d3c049e

    SHA512

    36d69b24e6d43a88eb38e86e1c21a4ef9172bd24096e0dbe7da6b5b181fb1a388afc25e1c33ad6b5788fcbd540107bc2b7d3a3684b4dfa197cbf5dbfe7f88037

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\44634511db5228d4b93f17341af4701b\Util.dll
    Filesize

    20KB

    MD5

    44634511db5228d4b93f17341af4701b

    SHA1

    ca91eb1fb3227dfa75e48ec7bf795c705aab6c0d

    SHA256

    8bdb54ba6f4f42f1daaae359e9e15b667259dc7a4fd70986624593efa2e60f16

    SHA512

    bab4bdbad55d40c87fe2fb02d0d3f6129bbf84962e8cdb1d082e272c8d605c35567870ccb44274316975b2465c3a870e8aacd56cfc1b6e51da10195a04f20772

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\45608763576364094bd64e0c6aa10ef5\HiRes.dll
    Filesize

    16KB

    MD5

    45608763576364094bd64e0c6aa10ef5

    SHA1

    b33d6a59047527e45ab0bdf5201eaac0ba96dd95

    SHA256

    79f9335960a18a54e98a2cd5dd853bf6b9cf25b01c226670e92d19f82b4ea07c

    SHA512

    932130f154feac23d4c017a85149dd412570a3708f1fa997b1b157af99a61bf4dd4650a7d796d03f6712b154be5449ac6ed458559e00ab973c0aca1d07479deb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\543cadee6d6510e93f205e57d2631dae\B.dll
    Filesize

    62KB

    MD5

    543cadee6d6510e93f205e57d2631dae

    SHA1

    a599ab0153a3a63c0659874c0babb24d5226cfa2

    SHA256

    c2a5fa8cb0b7b06ecbfe6f7d56df7161c0313e6b05bd285c794f5a131df4c011

    SHA512

    07490e4c3edd4bd7abab917e46d175d905aa9a542b18d0b3fecbebb86f8d54fe9e8e1481b71d3b8b93c4355fa5111300a081425d9296b80992b5f68a793f72f5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\5a8fa93826d87c44cb26a2194b4beebe\IO.dll
    Filesize

    14KB

    MD5

    5a8fa93826d87c44cb26a2194b4beebe

    SHA1

    770a74b1e105f3fd9415d0d6529500f3770730a5

    SHA256

    1b96a6ead9ae23a53393f2ab5dbcfeda720f80aa2d8f2c57ab1618eac40ed962

    SHA512

    c71aa6c6ece86eace297e873e48b452af2e41149a6ee80aea8ad42e4fcda72e7a777612d24d73ad5cbcccfdb756b8749f7a101b69f8c0a3144b3bf6c6a6ce51a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\5e3c5fd2c7c9cdcf4d5b7a9bcfb508d5\Glob.dll
    Filesize

    17KB

    MD5

    5e3c5fd2c7c9cdcf4d5b7a9bcfb508d5

    SHA1

    4a46d591ecb226c786fe486a412c1e68d26bb9df

    SHA256

    8a256c55fcac3f33edc7b5f4310ef26d4b87cc9fffe5e1b38567d5aaebdb4bd0

    SHA512

    4d5e3d1d2ef95fa9a27ab7c08f41156838bc32897df0a27976ff766d88ac6085f0ffac673ec4e736a7ddf55af12ccd9c8a79ff82ceb4efc356d3be0863c15564

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\6953efd7deb8e53bd56fd1b3fbfc153b\Encode.dll
    Filesize

    28KB

    MD5

    6953efd7deb8e53bd56fd1b3fbfc153b

    SHA1

    939c2193178dae4732217fd1b5beaaac182a9320

    SHA256

    00b2d77531ef256d134bb6c41bd2058243656defeacf28d9abcad2a2498f1fd1

    SHA512

    a29ae3d8de48dcfd1253b023bbcfd65ffe89d808f963e2c114b93981edac9522b44b4ec26800ba8bc709a3f86294bcceb143d7ad7f6a141b4a8c380c3889d3fa

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\752d82cc3a0ac7c7f0e7421a88a2a8b1\perl514.dll
    Filesize

    2.1MB

    MD5

    752d82cc3a0ac7c7f0e7421a88a2a8b1

    SHA1

    62a9d8c9c0542ef3bbca99771242507c4105371f

    SHA256

    b2aa929d9edcc363ebb7954343f891bc54c69f5f2690c1db8e8871768a559f6c

    SHA512

    97d044802e1fdd1cd9b96d65f2282057fd779894defa05ca638c34b1948d825bfc08c062e7969c5d6732027f9dc1767bb338d43a47e5027a7922f47371f2401c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\84946cc0a71ae6280aacb0dd02bfd73b\Base64.dll
    Filesize

    12KB

    MD5

    84946cc0a71ae6280aacb0dd02bfd73b

    SHA1

    e9f22daa1ece1cdce81cd26f2a02cef1de29821e

    SHA256

    7f822a4488a87f1124cf884797f50bf6e7ac3a49d2f65866afd5bcdf180f5c21

    SHA512

    a3d446aa13bdb6fc6675bd9d269cf88b71bffe6a446e96207a249d7b09c5ede067ea5803372f39a6f2628025af5ab69eb00780623ce8a898687888d0c6659402

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\8549b281e4a4ef1c87f09915315afc14\MoreUtils.dll
    Filesize

    70KB

    MD5

    8549b281e4a4ef1c87f09915315afc14

    SHA1

    50f8194efe26ea6731b8f14cb468f8d67106e8ed

    SHA256

    4f9c17f86b915099fa24349b9fc21fab34880a0137daa50a8814e5bbc88fdc70

    SHA512

    6d7e10943907391cfafeb6172c4b0d94fd6cae8915d89156f2be3ca0b39dc07c775996a0879521c85ea14f81b4a765a46fdba504a203402b74806375849c4c7d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\pdk-Admin\aa43e7a061b4aa122d1087d38a6a50b3\POSIX.dll
    Filesize

    75KB

    MD5

    aa43e7a061b4aa122d1087d38a6a50b3

    SHA1

    c24dc0430de915b415ce1fc20fc7ac9a44a8339b

    SHA256

    1836b41ff38d6fa88a3700239e1dd6cdfee785c357561e43b426423decfbbe9e

    SHA512

    ef27cfd08dcaea6814f65cadf01dde88f166733113afa7b97b4fa30a08cb8b09d367a24885dcdc5e4aa573450544c394cbaa987db3f7ff70919851052fa7ee54

    Download Submit

  • memory/1524-52-0x0000000003190000-0x00000000031A3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/1524-31-0x0000000000380000-0x0000000000397000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1524-14-0x0000000000330000-0x000000000034F000-memory.dmp

    Filesize

    124KB

    Download