Overview

overview

8

Static

static

3

fbcdcb46ec...a7.exe

windows7-x64

8

fbcdcb46ec...a7.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-03-2024 11:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbcdcb46ec96776bd3eb20edfaa2ec5379ea4e2c2454dafb947c369f89d551a7.exe

  • Size

    138KB

  • MD5

    ba32b16f4afdbe8fa146d2972fa7901f

  • SHA1

    32ab987b891dd3a069754d51d7d6e278504d591b

  • SHA256

    fbcdcb46ec96776bd3eb20edfaa2ec5379ea4e2c2454dafb947c369f89d551a7

  • SHA512

    62b1d09b3fa803251e5eb0f1ac0845790bc8d9975e565449a35c34dd4cf7230666af690de80041cfb9dbe9be007d8c6b6a629e707481470e6e5a8c7fb6906c74

  • SSDEEP

    3072:+m1/mS7+mI+N9khVJSXw9As+G8izV1beXdKBQzL2gM5VaM:hPLI6WVJSA9Af4zVkXI5xb

Score
8/10
persistence

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fbcdcb46ec96776bd3eb20edfaa2ec5379ea4e2c2454dafb947c369f89d551a7.exe
    "C:\Users\Admin\AppData\Local\Temp\fbcdcb46ec96776bd3eb20edfaa2ec5379ea4e2c2454dafb947c369f89d551a7.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1932
  • C:\PROGRA~3\Mozilla\hdxpvzc.exe
    C:\PROGRA~3\Mozilla\hdxpvzc.exe -ilrweca
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:5040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Mozilla\hdxpvzc.exe
    Filesize

    138KB

    MD5

    029dbefb5cca18c6b1446f2affd81d41

    SHA1

    3dcabaed8c8724d8bfb329a7465c45d03b1c933e

    SHA256

    975ce550e0ee38a3efdb462cc57c6729bce9d97921a7886eb446d08b05f7e6ad

    SHA512

    8f6f63e08ae5bb7eb5df75a030196a784c6e804130ba1277879e44e5aab885e05572b730e09e53567d976a5b4b8c14889e1836b39394e5fd1a3ede845db26e89

    Download Submit

  • memory/1932-0-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1932-1-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1932-2-0x0000000002150000-0x0000000002151000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1932-3-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1932-9-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/5040-10-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/5040-11-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/5040-12-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/5040-16-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download