Overview

overview

8

Static

static

3

HaruHost.exe

windows7-x64

6

HaruHost.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    170s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    08/03/2024, 11:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HaruHost.exe

  • Size

    29.1MB

  • MD5

    e2c58ae2a0b8f22aa176e2e492c57784

  • SHA1

    eda117740cb4df5dfe5114b3d13257261e4886bc

  • SHA256

    f762a2cf752440ddae41f7e6b196394fbd9627be565db1a9c73d311281468fd1

  • SHA512

    3a124d0cdfd95729fc49efba37fa019e833979b8ed8b73369bcdaa40c6476d9bba5e53b8bab82f7bdfce6408f7673008759a2bd526581b3c355da0023dafb67d

  • SSDEEP

    196608:pkTOppiGuX4jxHgfJ5rWmGlXnY0t5qTEVwDHRdj7Fk9bm:pk6jiGuodqoXYCqTEyDHRdj7FG

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Modifies registry class 8 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HaruHost.exe
    "C:\Users\Admin\AppData\Local\Temp\HaruHost.exe"
    1⤵
      PID:1304
    • C:\Program Files\Microsoft Games\minesweeper\minesweeper.exe
      "C:\Program Files\Microsoft Games\minesweeper\minesweeper.exe"
      1⤵
      • Drops desktop.ini file(s)
      • Modifies registry class
      • Suspicious behavior: GetForegroundWindowSpam
      PID:556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft Games\Minesweeper\MinesweeperSettings.xml
      Filesize

      11KB

      MD5

      2f6423d0f38cbe6ef9cf7a3cb3f4df63

      SHA1

      297e0289b7e73d8fb1fcf0a3e737377cba6344e1

      SHA256

      2ce8232a7358298ac2829fb2e5f4c201a36f4882b0d1154403bfecc1a99558ea

      SHA512

      bc3d0f87f13a4b1571ccba65680adb5daace2ce43aa8d0c7d00ca7dea3d87235fb5565c81f275462a92afa4d8d3b4a38c0b86174581b5fbfc4dc2d8c6c93782b

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{89FE5CB3-11CB-489C-AC0D-0C0B6707E1F6}\{89FE5CB3-11CB-489C-AC0D-0C0B6707E1F6}.gamestats
      Filesize

      3KB

      MD5

      11b1cb66abbbe81e007ddd2959f6b068

      SHA1

      f87a67ffe354b00cbb2f492701b6429762e9c87f

      SHA256

      cb5314886a9d885e9d9df33497476223bd30ead81d8cd8ddb7a977bf15675184

      SHA512

      efcba4aaddaea5e60c120811bf8e04664fea877b4fdf3559aac086a68ad679a8561d43b53a76ee6bef5d5ca8b4bd452a22082ed8a68a78ead7bde02b106230bb

      Download Submit

    • memory/556-39-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-30-0x0000000000330000-0x0000000000430000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/556-9-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-8-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-7-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-21-0x0000000002040000-0x000000000204A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-28-0x0000000005DE0000-0x0000000005FE0000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/556-41-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-40-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-31-0x000007FEF5CD0000-0x000007FEF5E01000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/556-10-0x0000000000480000-0x0000000000481000-memory.dmp

      Filesize

      4KB

      Download

    • memory/556-6-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-29-0x0000000000330000-0x0000000000430000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/556-42-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-43-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-45-0x0000000000480000-0x0000000000481000-memory.dmp

      Filesize

      4KB

      Download

    • memory/556-44-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-46-0x0000000002040000-0x000000000204A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-47-0x0000000002040000-0x000000000204A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/556-48-0x0000000005DE0000-0x0000000005FE0000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/556-49-0x0000000000330000-0x0000000000430000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/556-50-0x000007FEF5CD0000-0x000007FEF5E01000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/556-5-0x0000000000440000-0x000000000044A000-memory.dmp

      Filesize

      40KB

      Download