Overview

overview

7

Static

static

3

ccae7dcb68...57.exe

windows7-x64

7

ccae7dcb68...57.exe

windows10-2004-x64

7

$PLUGINSDI...ge.dll

windows7-x64

1

$PLUGINSDI...ge.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...sc.dll

windows7-x64

3

$PLUGINSDI...sc.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...dt.dll

windows7-x64

1

$PLUGINSDI...dt.dll

windows10-2004-x64

1

7za.exe

windows7-x64

1

7za.exe

windows10-2004-x64

1

Ace.exe

windows7-x64

1

Ace.exe

windows10-2004-x64

1

Readme.rtf

windows7-x64

4

Readme.rtf

windows10-2004-x64

1

bass.dll

windows7-x64

1

bass.dll

windows10-2004-x64

1

config.vbs

windows7-x64

1

config.vbs

windows10-2004-x64

1

eula.rtf

windows7-x64

4

eula.rtf

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    16/03/2024, 00:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ccae7dcb68a9c13089ca9bea4bbe8557.exe

  • Size

    3.5MB

  • MD5

    ccae7dcb68a9c13089ca9bea4bbe8557

  • SHA1

    f5b5f701f2dd4295e5b118beae56776ccfa2f203

  • SHA256

    3f9b4dca68a3211b84335bea3dea651cc6ae2b3fcfaaca057debac69f4223f69

  • SHA512

    c9aecb5f8d24d4e0ae604c95021d81e02d186a024d4c46902100b045db4ac577cc824551210c8251b9b12fc7dc52c71d9c288fafdd985b9fb23f3e9c46efbdb5

  • SSDEEP

    98304:UVCXcGYaQUrm2qGXghcmbRZOVQLQ1ZCilXF3xkx:UVG9QUr9fXSSycZjXFhkx

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ccae7dcb68a9c13089ca9bea4bbe8557.exe
    "C:\Users\Admin\AppData\Local\Temp\ccae7dcb68a9c13089ca9bea4bbe8557.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2732

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsi2CDB.tmp\ioSpecial.ini
          Filesize

          714B

          MD5

          04e15501809d3fff14fa035863c51097

          SHA1

          085db7178ec8485946834011291e77b105c3fe63

          SHA256

          64e1f8e7d42566fad1cb62bff59824be453c32b23f263b487a810796db0b11b8

          SHA512

          15cc38fbce6940b0c5e44b7a5aea38f9367ca87735543ead235905d9d3d96b2655e5a8bcf6c2553443c04bf2895643e5a9d1379b1e0234d700f9cfc417ce971f

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsi2CDB.tmp\InstallOptions.dll
          Filesize

          12KB

          MD5

          3c19f79ce11facc2fc4d3351dbb263e0

          SHA1

          17f4bf4b18ea7700f70ac7d825dc997be0d25f71

          SHA256

          cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9

          SHA512

          05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsi2CDB.tmp\System.dll
          Filesize

          10KB

          MD5

          725145e8caa39635cab9899c47c72eda

          SHA1

          30478c907551bd920bf359638b091fc5c10b5a53

          SHA256

          1759e4f7777fb8c9ed356a7d4dc237a90e0760061685d44ea02d40ca9e359ceb

          SHA512

          de31286ea10321f762a3b6e7c6c82177d5b6f45a82adc936fcbbc23105708cbbbec903ba94ba94e7723e80f1828393e5395ef575b37136b19de7535e74e24547

          Download Submit