a89795a9baa1c9e0fff552f3d0ee7d81e9ef3565750462617220b4d86d089cba

Resubmissions

14-03-2024 07:01

240314-htlfnadc8w 7

14-03-2024 06:59

240314-hsdpesdc5v 7

14-03-2024 06:52

240314-hnee6afd65 7

Analysis

max time kernel
113s
max time network
20s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14-03-2024 06:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Supermarket Simulator 0.1.1.1 to 0.1.2.exe
Size

28.9MB
MD5

05cf83a49484c1361d211c6e600b6fc5
SHA1

e2cec391a25615aad8dddca7d1c743893fc99707
SHA256

a89795a9baa1c9e0fff552f3d0ee7d81e9ef3565750462617220b4d86d089cba
SHA512

457a8d743aa25ca884599a364ef33d60fa7984c6829da22cf3a302b7be4282d8886246f107ed5d74c5878f8f1444cbe480e14756077cadb3ad1f3225cae7aed1
SSDEEP

786432:Pk+fabSzGhsh8ViciYScwzCQFkrixM99NHNxl+XMo:MpSzE4PciL4rsqHNxE

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp

Loads dropped DLL 7 IoCs

pid	Process
2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp

Suspicious behavior: EnumeratesProcesses 13 IoCs

pid	Process
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
2276	Supermarket Simulator 0.1.1.1 to 0.1.2.tmp

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28
PID 2292 wrote to memory of 2276	2292	Supermarket Simulator 0.1.1.1 to 0.1.2.exe	28

C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator 0.1.1.1 to 0.1.2.exe
"C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator 0.1.1.1 to 0.1.2.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2292
- C:\Users\Admin\AppData\Local\Temp\is-T8352.tmp\Supermarket Simulator 0.1.1.1 to 0.1.2.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-T8352.tmp\Supermarket Simulator 0.1.1.1 to 0.1.2.tmp" /SL5="$80022,29942592,121344,C:\Users\Admin\AppData\Local\Temp\Supermarket Simulator 0.1.1.1 to 0.1.2.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:2276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\is-73J99.tmp\BASS.dll

Filesize
109KB

MD5
36946ab0740fa086bfc8b8a86260eee9

SHA1
57e154464dd247f14ec90de065d7be685dcc1293

SHA256
9ac13f9bc5564fd8a1eab5f7c945dce1c27940dd63a913108eac64481ddde6af

SHA512
51a090119c36f19c8b008d52f1faf76ee1d511e151df777c577cf91da84300a8474d7e17004e3f374434b2d16eb1da3cfaee853e47528f9a1f6fb8bab71ed3e1

Download Submit
\Users\Admin\AppData\Local\Temp\is-73J99.tmp\VclStylesInno.dll

Filesize
2.1MB

MD5
9344fe9caf0be0a70f498ef078bd106d

SHA1
e5212d2c25367336f86d49b57d2f5d49150021b9

SHA256
5d01e5eae3bae33c4f7b86345ed2f5e9724938ecbe90804afce720c5ad631763

SHA512
d9c275a82f96fb30d46f4ca487a7a12e133377a796f3999d7d167fcf70aa4059da695944bd888318348a60b87ae8c76d2022a06665b627dbc6a75b0e23ba9426

Download Submit
\Users\Admin\AppData\Local\Temp\is-73J99.tmp\crc32c.dll

Filesize
30KB

MD5
bfca8a245fc3a7fe7a3561aaf687cbba

SHA1
1b4dd6544baf59632198f6c00e48f741325abcff

SHA256
f82e3de7d8d9a400e9d54348909a9ffa64a609d1644161ee40f7ae53c79215ff

SHA512
90c924813a59015475717ce7b0271d503a3e3f365f25a62765e16d612c220b29ab7d665575be206758878f4927a420bf186acfc0cad1472ed4c9a12a44fd835c

Download Submit
\Users\Admin\AppData\Local\Temp\is-73J99.tmp\innocallback.dll

Filesize
63KB

MD5
1c55ae5ef9980e3b1028447da6105c75

SHA1
f85218e10e6aa23b2f5a3ed512895b437e41b45c

SHA256
6afa2d104be6efe3d9a2ab96dbb75db31565dad64dd0b791e402ecc25529809f

SHA512
1ec4d52f49747b29cfd83e1a75fc6ae4101add68ada0b9add5770c10be6dffb004bb47d0854d50871ed8d77acf67d4e0445e97f0548a95c182e83b94ddf2eb6b

Download Submit
\Users\Admin\AppData\Local\Temp\is-73J99.tmp\isproc.dll

Filesize
16KB

MD5
4bafb0739c5fcd96be991f2a3cc9ac2f

SHA1
9372b03e4515660f732bf6338c4d7e183a78d2ee

SHA256
7f74f1c445bf5e9456aae6fae695a8ca60e1d0eb5a2f44ac2cf0239a71f1a8a1

SHA512
095946b16020d52beb25b4037775af8bbf6a7f15b56e260a1bf90af5ccadc11cbcb78c80540f087597a2df6bf5d6b2c8358249aed121ef68e96a302a9fb2ec55

Download Submit
\Users\Admin\AppData\Local\Temp\is-73J99.tmp\wintb.dll

Filesize
16KB

MD5
9436df49e08c83bad8ddc906478c2041

SHA1
a4fa6bdd2fe146fda2e78fdbab355797f53b7dce

SHA256
1910537aa95684142250ca0c7426a0b5f082e39f6fbdbdba649aecb179541435

SHA512
f9dc6602ab46d709efdaf937dcb8ae517caeb2bb1f06488c937be794fd9ea87f907101ae5c7f394c7656a6059dc18472f4a6747dcc8cc6a1e4f0518f920cc9bf

Download Submit
\Users\Admin\AppData\Local\Temp\is-T8352.tmp\Supermarket Simulator 0.1.1.1 to 0.1.2.tmp

Filesize
1.1MB

MD5
34acc2bdb45a9c436181426828c4cb49

SHA1
5adaa1ac822e6128b8d4b59a54d19901880452ae

SHA256
9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

SHA512
134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

Download Submit
memory/2276-47-0x00000000006F0000-0x00000000006F1000-memory.dmp

Filesize
4KB

Download
memory/2276-33-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-19-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-21-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-22-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-23-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/2276-24-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-50-0x0000000000910000-0x0000000000911000-memory.dmp

Filesize
4KB

Download
memory/2276-25-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-27-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-28-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-29-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/2276-32-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/2276-51-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-34-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-35-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/2276-36-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-52-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-38-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/2276-39-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-40-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-41-0x00000000006D0000-0x00000000006D1000-memory.dmp

Filesize
4KB

Download
memory/2276-42-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-43-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-31-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-44-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/2276-46-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-45-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-30-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-114-0x0000000000320000-0x0000000000321000-memory.dmp

Filesize
4KB

Download
memory/2276-48-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-49-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-26-0x00000000003C0000-0x00000000003C1000-memory.dmp

Filesize
4KB

Download
memory/2276-20-0x00000000003A0000-0x00000000003A1000-memory.dmp

Filesize
4KB

Download
memory/2276-37-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-53-0x0000000000920000-0x0000000000921000-memory.dmp

Filesize
4KB

Download
memory/2276-54-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-55-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-56-0x0000000000930000-0x0000000000931000-memory.dmp

Filesize
4KB

Download
memory/2276-57-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-58-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-59-0x0000000000940000-0x0000000000941000-memory.dmp

Filesize
4KB

Download
memory/2276-60-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-62-0x00000000021B0000-0x00000000021B1000-memory.dmp

Filesize
4KB

Download
memory/2276-64-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-67-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-66-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-70-0x00000000021D0000-0x00000000021E5000-memory.dmp

Filesize
84KB

Download
memory/2276-18-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-65-0x00000000021C0000-0x00000000021C1000-memory.dmp

Filesize
4KB

Download
memory/2276-63-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-61-0x00000000073B0000-0x00000000074F0000-memory.dmp

Filesize
1.2MB

Download
memory/2276-17-0x0000000000390000-0x0000000000391000-memory.dmp

Filesize
4KB

Download
memory/2276-75-0x00000000074F0000-0x0000000007508000-memory.dmp

Filesize
96KB

Download
memory/2276-76-0x00000000750C0000-0x0000000075110000-memory.dmp

Filesize
320KB

Download
memory/2276-81-0x00000000074F0000-0x0000000007501000-memory.dmp

Filesize
68KB

Download
memory/2276-15-0x0000000007180000-0x00000000073AE000-memory.dmp

Filesize
2.2MB

Download
memory/2276-8-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2276-90-0x0000000000320000-0x0000000000321000-memory.dmp

Filesize
4KB

Download
memory/2276-106-0x00000000074F0000-0x0000000007508000-memory.dmp

Filesize
96KB

Download
memory/2276-92-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2276-93-0x000000006B080000-0x000000006B08D000-memory.dmp

Filesize
52KB

Download
memory/2276-94-0x0000000007180000-0x00000000073AE000-memory.dmp

Filesize
2.2MB

Download
memory/2276-95-0x00000000021D0000-0x00000000021E5000-memory.dmp

Filesize
84KB

Download
memory/2276-105-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/2292-91-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2292-1-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download