Overview

overview

7

Static

static

3

MaltegoSet....0.exe

windows7-x64

4

MaltegoSet....0.exe

windows10-2004-x64

4

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

v4.6.0/bin/maltego

ubuntu-18.04-amd64

3

v4.6.0/bin/maltego

debian-9-armhf

1

v4.6.0/bin/maltego

debian-9-mips

1

v4.6.0/bin/maltego

debian-9-mipsel

1

v4.6.0/bin...go.exe

windows7-x64

1

v4.6.0/bin...go.exe

windows10-2004-x64

7

v4.6.0/gro....8.jar

windows7-x64

1

v4.6.0/gro....8.jar

windows10-2004-x64

7

v4.6.0/gro....8.jar

windows7-x64

1

v4.6.0/gro....8.jar

windows10-2004-x64

7

v4.6.0/gro...or.jar

windows7-x64

1

v4.6.0/gro...or.jar

windows10-2004-x64

7

v4.6.0/gro...vy.jar

windows7-x64

1

v4.6.0/gro...vy.jar

windows10-2004-x64

7

v4.6.0/ide...pg.jar

windows7-x64

1

v4.6.0/ide...pg.jar

windows10-2004-x64

7

v4.6.0/ide...ov.jar

windows7-x64

1

v4.6.0/ide...ov.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    839s
  • max time network
    852s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-03-2024 03:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MaltegoSetup.v4.6.0.exe

  • Size

    153.5MB

  • MD5

    7dbbb1a0cecce4a83d7226e7853318a5

  • SHA1

    aa929c4f69b8c5794c6dd04687cdbdd75fcd802c

  • SHA256

    611b014d7e6d599b972852d88e055a1b83d78f94a4eb6ba0901c966b5b6cb40e

  • SHA512

    55c430bd489441880caa05b3b149768efddaa688d3a0049b81a49bccc6cd64fa3eb700f50f205dead6493e65ee0698cc5049a04a026733391b4971f93ead98ce

  • SSDEEP

    3145728:Ayr4zQcJxO1tisITIaul50GAGmURl04wn0V8dzO/im89vrN/ZlWRo+:JrUvTIa6wUPvRVd/iD5rNxlL+

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MaltegoSetup.v4.6.0.exe
    "C:\Users\Admin\AppData\Local\Temp\MaltegoSetup.v4.6.0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2492

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsy9C6F.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    2f69afa9d17a5245ec9b5bb03d56f63c

    SHA1

    e0a133222136b3d4783e965513a690c23826aec9

    SHA256

    e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0

    SHA512

    bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy9C6F.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    6c3f8c94d0727894d706940a8a980543

    SHA1

    0d1bcad901be377f38d579aafc0c41c0ef8dcefd

    SHA256

    56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

    SHA512

    2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy9C6F.tmp\splash.dll
    Filesize

    4KB

    MD5

    1fb3af30d19bbed6c48a62786339b670

    SHA1

    6862cfa4448d2281f4768a6171a30bb0579df770

    SHA256

    20dd6d18ab68260e42c913bd0da988816ab2def4c7cb4894a1e0318924a22c48

    SHA512

    5329b6bdf7f634b34e755cb9c39b304dd277c1149b44e141565a17932d67f5879172f1befffa6461c908419e6cca1ca757ffc00050ab24cd837bc8c4fca40851

    Download Submit