Overview

overview

7

Static

static

3

New folder.zip

windows7-x64

1

New folder.zip

windows10-2004-x64

1

New folder...2R.nfo

windows7-x64

1

New folder...2R.nfo

windows10-2004-x64

1

New folder...en.exe

windows7-x64

7

New folder...en.exe

windows10-2004-x64

7

$TEMP/BASSMOD.dll

windows7-x64

1

$TEMP/BASSMOD.dll

windows10-2004-x64

1

$TEMP/R2RJUCE.dll

windows7-x64

3

$TEMP/R2RJUCE.dll

windows10-2004-x64

1

$TEMP/bgm.xm

windows7-x64

1

$TEMP/bgm.xm

windows10-2004-x64

1

$TEMP/keygen.exe

windows7-x64

1

$TEMP/keygen.exe

windows10-2004-x64

1

New folder...2.1.7z

windows7-x64

3

New folder...2.1.7z

windows10-2004-x64

7

Setup Port....1.exe

windows7-x64

7

Setup Port....1.exe

windows10-2004-x64

7

New folder...st.zip

windows7-x64

1

New folder...st.zip

windows10-2004-x64

1

Tone2 Nano...l.html

windows7-x64

1

Tone2 Nano...l.html

windows10-2004-x64

1

Tone2 Nano...it.exe

windows7-x64

3

Tone2 Nano...it.exe

windows10-2004-x64

3

Tone2 Nano...it.exe

windows7-x64

3

Tone2 Nano...it.exe

windows10-2004-x64

3

Tone2 Nano....2.txt

windows7-x64

1

Tone2 Nano....2.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    594s
  • max time network
    369s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2024, 04:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup Portal v1.2.1.exe

  • Size

    139.1MB

  • MD5

    f51215458c4ed86bad7b0df6d46724ff

  • SHA1

    c29f5b9d8dcf73fa8e4344900687227fadfa2b56

  • SHA256

    00ee7e1b2a1a11e0c9b8b750484b9a60ffb41baea16a34339f2e71ff6b25ef2c

  • SHA512

    50576d687412ddd237ef94a8f5542fa18d500dda641bcc865e0a3b06d4c10e11fb6a2e6bde729d4bc40de662562e906579b230f63f0a3fb0d923821c1d34b468

  • SSDEEP

    3145728:+g3bu9LmQ2Qs1V0XXlnej9/nW3rmQ2Qs1V0XXlnej9/nW3njmQ2Qs1V0XXlnej9I:jwLmnCHleZ/nWbmnCHleZ/nWzmnCHle6

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup Portal v1.2.1.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup Portal v1.2.1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\is-BO4SJ.tmp\Setup Portal v1.2.1.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-BO4SJ.tmp\Setup Portal v1.2.1.tmp" /SL5="$30152,145481172,121344,C:\Users\Admin\AppData\Local\Temp\Setup Portal v1.2.1.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\is-BO4SJ.tmp\Setup Portal v1.2.1.tmp
    Filesize

    1.1MB

    MD5

    34acc2bdb45a9c436181426828c4cb49

    SHA1

    5adaa1ac822e6128b8d4b59a54d19901880452ae

    SHA256

    9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

    SHA512

    134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-J1T9I.tmp\ISSKINU.DLL
    Filesize

    357KB

    MD5

    f30afccd6fafc1cad4567ada824c9358

    SHA1

    60a65b72f208563f90fba0da6af013a36707caa9

    SHA256

    e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d

    SHA512

    59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-J1T9I.tmp\R2RINNO.dll
    Filesize

    4KB

    MD5

    5df8ada84a16f5dfc24096ef90a5ce3a

    SHA1

    5e7e9c68119c3a0a1afc92c60674bc8714492823

    SHA256

    48a9c8c332fde541b571d9d522d0e37834b452f55af8cbdc341b12222e78fb5b

    SHA512

    661b5219c74dd6e3a8e899a1b1a3002689d148e337d7323a174519366c9548c284ee76e2faa2f9600cd483db21093ee62399f0d7403c39523c654266760191c2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-J1T9I.tmp\SKIN.CJSTYLES
    Filesize

    813KB

    MD5

    5f87caf3f7cf63dde8e6af53bdf31289

    SHA1

    a2c3cc3d9d831acd797155b667db59a32000d7a8

    SHA256

    4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940

    SHA512

    4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

    Download Submit

  • memory/2320-0-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2320-278-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2752-48-0x0000000074170000-0x00000000741A9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2752-52-0x0000000010000000-0x0000000010061000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2752-19-0x0000000074A00000-0x0000000074A8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2752-20-0x0000000075000000-0x000000007515C000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2752-21-0x0000000074CF0000-0x0000000074D90000-memory.dmp

    Filesize

    640KB

    Download

  • memory/2752-22-0x0000000074C50000-0x0000000074CED000-memory.dmp

    Filesize

    628KB

    Download

  • memory/2752-23-0x0000000074DF0000-0x0000000074E47000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2752-24-0x0000000075750000-0x000000007639A000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/2752-25-0x0000000074450000-0x0000000074488000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2752-26-0x00000000742C0000-0x00000000743DF000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2752-27-0x0000000074230000-0x00000000742BC000-memory.dmp

    Filesize

    560KB

    Download

  • memory/2752-28-0x0000000074C20000-0x0000000074C4A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2752-29-0x00000000741F0000-0x0000000074222000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2752-30-0x0000000074070000-0x0000000074165000-memory.dmp

    Filesize

    980KB

    Download

  • memory/2752-31-0x0000000076910000-0x0000000076AAD000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-32-0x0000000010000000-0x0000000010061000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2752-33-0x0000000074A00000-0x0000000074A8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2752-34-0x0000000075000000-0x000000007515C000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2752-35-0x0000000074CF0000-0x0000000074D90000-memory.dmp

    Filesize

    640KB

    Download

  • memory/2752-36-0x0000000074810000-0x0000000074819000-memory.dmp

    Filesize

    36KB

    Download

  • memory/2752-37-0x00000000745C0000-0x000000007475E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-38-0x0000000074DF0000-0x0000000074E47000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2752-39-0x0000000075750000-0x000000007639A000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/2752-40-0x0000000074A90000-0x0000000074B0B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/2752-43-0x00000000763A0000-0x0000000076423000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2752-44-0x0000000074450000-0x0000000074488000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2752-45-0x0000000074430000-0x0000000074447000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2752-46-0x00000000742C0000-0x00000000743DF000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2752-7-0x00000000001D0000-0x00000000001D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2752-49-0x0000000074070000-0x0000000074165000-memory.dmp

    Filesize

    980KB

    Download

  • memory/2752-15-0x0000000010000000-0x0000000010061000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2752-47-0x00000000741F0000-0x0000000074222000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2752-61-0x0000000074820000-0x0000000074833000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2752-50-0x0000000076910000-0x0000000076AAD000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-53-0x0000000074A00000-0x0000000074A8F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2752-54-0x0000000074CF0000-0x0000000074D90000-memory.dmp

    Filesize

    640KB

    Download

  • memory/2752-55-0x0000000074C50000-0x0000000074CED000-memory.dmp

    Filesize

    628KB

    Download

  • memory/2752-56-0x00000000744D0000-0x00000000744E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2752-57-0x00000000745C0000-0x000000007475E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-58-0x0000000074DF0000-0x0000000074E47000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2752-51-0x0000000073FE0000-0x0000000074016000-memory.dmp

    Filesize

    216KB

    Download

  • memory/2752-59-0x0000000074A90000-0x0000000074B0B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/2752-62-0x00000000763A0000-0x0000000076423000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2752-63-0x0000000074230000-0x00000000742BC000-memory.dmp

    Filesize

    560KB

    Download

  • memory/2752-65-0x0000000074170000-0x00000000741A9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2752-64-0x00000000741F0000-0x0000000074222000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2752-66-0x0000000074070000-0x0000000074165000-memory.dmp

    Filesize

    980KB

    Download

  • memory/2752-68-0x0000000076690000-0x00000000766B7000-memory.dmp

    Filesize

    156KB

    Download

  • memory/2752-70-0x0000000074CF0000-0x0000000074D90000-memory.dmp

    Filesize

    640KB

    Download

  • memory/2752-72-0x00000000744D0000-0x00000000744E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2752-69-0x0000000010000000-0x0000000010061000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2752-67-0x0000000076910000-0x0000000076AAD000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-71-0x0000000074810000-0x0000000074819000-memory.dmp

    Filesize

    36KB

    Download

  • memory/2752-73-0x00000000745C0000-0x000000007475E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-76-0x00000000763A0000-0x0000000076423000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2752-74-0x0000000074DF0000-0x0000000074E47000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2752-77-0x0000000074230000-0x00000000742BC000-memory.dmp

    Filesize

    560KB

    Download

  • memory/2752-78-0x00000000741F0000-0x0000000074222000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2752-79-0x0000000074170000-0x00000000741A9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2752-80-0x0000000074070000-0x0000000074165000-memory.dmp

    Filesize

    980KB

    Download

  • memory/2752-81-0x0000000076910000-0x0000000076AAD000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2752-82-0x0000000073FE0000-0x0000000074016000-memory.dmp

    Filesize

    216KB

    Download

  • memory/2752-83-0x0000000010000000-0x0000000010061000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2752-279-0x00000000001D0000-0x00000000001D1000-memory.dmp

    Filesize

    4KB

    Download