Overview

overview

3

Static

static

3

2024-03-28...ce.exe

windows7-x64

1

2024-03-28...ce.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    28-03-2024 14:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-28_856b103012ed09d7e80cafe601f56a11_polyvice.exe

  • Size

    12.6MB

  • MD5

    856b103012ed09d7e80cafe601f56a11

  • SHA1

    521cb2fe006bc3c1f1e10bc9538b7882a71da45e

  • SHA256

    680ca38cc3ff630d1570bef6a3bdc16e9cc0b4ef892b40510ed4a57bcae52f56

  • SHA512

    6b74b03accc052f59bd215c67ed11a64c62d04c3671a8d6c331fe648c4e206e4462e9d320beb3dee56a5c5096850231063ffa5a1aad94e508f1e149aaa3e3a21

  • SSDEEP

    98304:fV2Tlukej4boIuBF3x+61qZ8aQ1BJEyEGCq6+teT9I/o36fFhePqBiTSXtmVyFMj:olqj4bo/1qOaG8lI/o31PqBVXIDRp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-28_856b103012ed09d7e80cafe601f56a11_polyvice.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-28_856b103012ed09d7e80cafe601f56a11_polyvice.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2260
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:1724

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\AITTCoin\assets\000002.dbtmp
      Filesize

      16B

      MD5

      206702161f94c5cd39fadd03f4014d98

      SHA1

      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

      SHA256

      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

      SHA512

      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

      Download Submit

    • C:\Users\Admin\AppData\Roaming\AITTCoin\assets\CURRENT
      Filesize

      16B

      MD5

      46295cac801e5d4857d09837238a6394

      SHA1

      44e0fa1b517dbf802b18faf0785eeea6ac51594b

      SHA256

      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

      SHA512

      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

      Download Submit

    • C:\Users\Admin\AppData\Roaming\AITTCoin\database\log.0000000001
      Filesize

      1024KB

      MD5

      6b0141dc922fa3f6abf2646861af0f3d

      SHA1

      fa12568cb90346fbcfe7daa95294ffee6592bcab

      SHA256

      9d9640f25a11de058b29c79a7b859750e908c325d8e004812b42c3983869511a

      SHA512

      191d2742a1b4e16086755c661ae5ced90e95d680ad7b93f326009f91846a1606671ad1f97e0bb3b92507415f27bcd7c122751d383ca88bb624af0dd5d9bc8923

      Download Submit

    • C:\Users\Admin\AppData\Roaming\AITTCoin\messages\messages\MANIFEST-000001
      Filesize

      41B

      MD5

      5af87dfd673ba2115e2fcf5cfdb727ab

      SHA1

      d5b5bbf396dc291274584ef71f444f420b6056f1

      SHA256

      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

      SHA512

      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

      Download Submit

    • C:\Users\Admin\AppData\Roaming\AITTCoin\wallet.dat
      Filesize

      1.4MB

      MD5

      035c0e3775936ea22075dab48350d149

      SHA1

      afe8e8c8b66b58f37e4d20a7e934a523f406007c

      SHA256

      b41f1994330adcf55acd9eb055334c5d62e54181a14bb9c1112970f75291f48d

      SHA512

      e2b101c21621c5cb05b464c23a157a112c77be024200b6fbc751e819d6d20702ae819cab593cee104fb69f91fafc0b3eb2535efef6a3c1003152f17f26bfa685

      Download Submit

    • memory/2260-133-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-138-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-132-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-130-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-134-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-136-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-137-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-131-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-139-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-140-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-141-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-142-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-143-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download

    • memory/2260-144-0x000000013FCA0000-0x0000000140948000-memory.dmp

      Filesize

      12.7MB

      Download