Overview

overview

7

Static

static

1

tsetup-x64.4.11.7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1791s
  • max time network
    1174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-03-2024 10:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tsetup-x64.4.11.7.exe

  • Size

    40.6MB

  • MD5

    f9a6e0f6e6a66330efcf6f2413410946

  • SHA1

    e7645a621216bffdb1559822854d6866cc4a3d0e

  • SHA256

    7d18627d63e2e129f15b3e3ba067ee9d72340adc7469df304f1363d8bc48713c

  • SHA512

    5434e936e94df1c58f95433d01cfd5821e5aa6035c3478825e277060de874d4e26eb1e320b0cb6a75fcbbc12e619d2b411944a380ffe9ec30fa1a157001393d5

  • SSDEEP

    786432:WZBNahZ/wd09Di83GklmlHcKRwq4EbVfnlQN4HTI+Jb30bY6q9ZzLH:eabwdq9yZ4SnmN6I+Jv6mzLH

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.11.7.exe
    "C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.11.7.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4968
    • C:\Users\Admin\AppData\Local\Temp\is-OOE1Q.tmp\tsetup-x64.4.11.7.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-OOE1Q.tmp\tsetup-x64.4.11.7.tmp" /SL5="$13004C,41625653,814592,C:\Users\Admin\AppData\Local\Temp\tsetup-x64.4.11.7.exe"
      2⤵
      • Executes dropped EXE
      PID:1932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-OOE1Q.tmp\tsetup-x64.4.11.7.tmp
    Filesize

    3.0MB

    MD5

    587ba714a8ecdec47d6ad285993a435a

    SHA1

    694399d370390923cd9265144526770e8020a583

    SHA256

    2fa9b95534a75a431a5cf9eec029868680aaf18fad8fe72c3518d33b4a32cc17

    SHA512

    da148a883fc96b81392afdc95a5cb1e833e0c236b7b106f63bb0099596eb1097c1e1e581edc86f6638610eae57c919a1846592a4318ca3af508c7df82a46783d

    Download Submit

  • memory/1932-5-0x0000000000D00000-0x0000000000D01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1932-8-0x0000000000400000-0x000000000070F000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/1932-11-0x0000000000D00000-0x0000000000D01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4968-0-0x0000000000400000-0x00000000004D4000-memory.dmp

    Filesize

    848KB

    Download

  • memory/4968-7-0x0000000000400000-0x00000000004D4000-memory.dmp

    Filesize

    848KB

    Download