Overview

overview

8

Static

static

3

5ae388a69f...70.exe

windows7-x64

8

5ae388a69f...70.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/03/2024, 20:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5ae388a69f190ac73be7b616426a0c7985acedae16221c2c0723113ca1941d70.exe

  • Size

    389KB

  • MD5

    3068011e9d481d8790245184236cf214

  • SHA1

    6a6ed540eadeb28a1c5ef59da4fe2649b45ebe49

  • SHA256

    5ae388a69f190ac73be7b616426a0c7985acedae16221c2c0723113ca1941d70

  • SHA512

    9cfdfa485d1869e18ad87710ae081cb2a92e1d80261eaa5977ac65fa5ad18011abb140f8b3ac3dd737dd27aa502b2e64526a5f3162c58a420a4b04f946d102da

  • SSDEEP

    6144:GLiuv8j7ZuA5ErOOze1QXh0jfLwhkLX3fgZXVK7iRyM1KTlbfLWqqZy8JqMxLOp:wi1x55UIEhlCXvkXVg8IBjLvl8NLy

Score
8/10
persistence

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ae388a69f190ac73be7b616426a0c7985acedae16221c2c0723113ca1941d70.exe
    "C:\Users\Admin\AppData\Local\Temp\5ae388a69f190ac73be7b616426a0c7985acedae16221c2c0723113ca1941d70.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2956
  • C:\PROGRA~3\Mozilla\gfuniul.exe
    C:\PROGRA~3\Mozilla\gfuniul.exe -lfdzfzd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:2916

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\gfuniul.exe
          Filesize

          291KB

          MD5

          90e08ae9ead63b7fe131033a54260f8d

          SHA1

          c6be085a15837764c29796bb1675f40692d88596

          SHA256

          59c7df63d0df8b190eeaa32c7ea25f4c2f56bacf6f24b6a3db87a2c962e6e9b8

          SHA512

          b23da7207f1b1ef20ffbe94ca706ff5606b04f76060660718bf032ed7fabc9318b4b650524f2bb1f436d658b18fa1f034bc1657a80c59fe8a6852c6645940533

          Download Submit

        • C:\ProgramData\Mozilla\gfuniul.exe
          Filesize

          294KB

          MD5

          4bd2d203bfacc639f39cf92602987b72

          SHA1

          81278a03f93c9e0b7fbe7ec0ff3f1a8700e351fe

          SHA256

          ddbd657a2720c3bd02ea33eb089787c123ca7ddbe54b9217c119c590f8be0ad0

          SHA512

          b0ca7f1bb9fa63137af1e2bcfe687ce7b663053bfb503ae4566a59de559b861c80f491f9a9e15b10390eaba54545a140b7e00e9930dca12964d3226a7ea8bbaa

          Download Submit

        • memory/2916-8-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/2916-11-0x0000000000CE0000-0x0000000000D3B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/2916-17-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/2956-0-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/2956-1-0x0000000000620000-0x000000000067B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/2956-10-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download