Overview

overview

7

Static

static

3

CrashReporter.NET.dll

windows7-x64

1

CrashReporter.NET.dll

windows10-2004-x64

1

DiscordRPC.dll

windows7-x64

1

DiscordRPC.dll

windows10-2004-x64

1

DotNetProj...ge.dll

windows7-x64

1

DotNetProj...ge.dll

windows10-2004-x64

1

Dragablz.dll

windows7-x64

1

Dragablz.dll

windows10-2004-x64

1

Jupiter.dll

windows7-x64

1

Jupiter.dll

windows10-2004-x64

1

MaterialDe...rs.dll

windows7-x64

1

MaterialDe...rs.dll

windows10-2004-x64

1

MaterialDe...pf.dll

windows7-x64

1

MaterialDe...pf.dll

windows10-2004-x64

1

Memory.dll

windows7-x64

1

Memory.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

OctoSniff.exe

windows7-x64

6

OctoSniff.exe

windows10-2004-x64

6

OctoSniffo.exe

windows7-x64

1

OctoSniffo.exe

windows10-2004-x64

1

PLEASE_INS...ap.exe

windows7-x64

7

PLEASE_INS...ap.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SYSDIR/Packet.dll

windows7-x64

1

$SYSDIR/Packet.dll

windows10-2004-x64

1

$SYSDIR/pthreadVC.dll

windows7-x64

1

$SYSDIR/pthreadVC.dll

windows10-2004-x64

1

$SYSDIR/wpcap.dll

windows7-x64

1

$SYSDIR/wpcap.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    30-03-2024 07:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OctoSniff.exe

  • Size

    17.2MB

  • MD5

    46735989b55ac72415a4a81db7ae80f5

  • SHA1

    d617a9a20b883cf76dd25c6012431f1986edbf37

  • SHA256

    139c77f42d7f66ecdafbaa7ab063b8caaddec726b64bfb2b71c3e9822d24acd7

  • SHA512

    2204045fa0744ec43b239893ac9038758cebb27b16ab9a9d1fbb48efde4f8e31786f1578505beca82c0f74beb685fa493520358369c5472f0831065e1dfdf5d5

  • SSDEEP

    393216:9JQaPHrQqXs140qMhu8369sV+HLz9SKUeNdDhHidcyNWi/x3E8sXzphsBOO0FmPR:9JQaPHrQqXs140qMhlK9sV+HLz9SKUeW

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\OctoSniff.exe
    "C:\Users\Admin\AppData\Local\Temp\OctoSniff.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2168

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2168-0-0x000007FEF52B0000-0x000007FEF5C9C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2168-1-0x000007FEF52B0000-0x000007FEF5C9C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2168-2-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-4-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-3-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-5-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-6-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-16-0x0000000076920000-0x0000000076921000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-18-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-15-0x0000000180000000-0x0000000180005000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2168-20-0x0000000076AA0000-0x0000000076AA1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-21-0x0000000076A70000-0x0000000076A71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-19-0x0000000180000000-0x0000000180005000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2168-23-0x00000000769B0000-0x00000000769B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-26-0x0000000180000000-0x0000000180005000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2168-27-0x0000000076910000-0x0000000076911000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-29-0x0000000076950000-0x0000000076951000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-32-0x0000000180000000-0x0000000180005000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2168-31-0x0000000076AB0000-0x0000000076AB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-25-0x00000000769A0000-0x00000000769A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-35-0x0000000180000000-0x0000000180005000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2168-40-0x00000000769D0000-0x00000000769D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-41-0x00000000769F0000-0x00000000769F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-42-0x0000000076A10000-0x0000000076A11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-39-0x00000000769C0000-0x00000000769C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-43-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-44-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-45-0x0000000001FF0000-0x0000000002070000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-46-0x0000000076940000-0x0000000076941000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-48-0x00000000769E0000-0x00000000769E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-47-0x000000001D2F0000-0x000000001D7A8000-memory.dmp

    Filesize

    4.7MB

    Download

  • memory/2168-50-0x0000000076A80000-0x0000000076A81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-52-0x000000001D2F0000-0x000000001D7A8000-memory.dmp

    Filesize

    4.7MB

    Download

  • memory/2168-51-0x0000000076A40000-0x0000000076A41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-53-0x0000000076A90000-0x0000000076A91000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-55-0x0000000076A50000-0x0000000076A51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-58-0x000007FEF52B0000-0x000007FEF5C9C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2168-57-0x000000001D2F0000-0x000000001D7A8000-memory.dmp

    Filesize

    4.7MB

    Download

  • memory/2168-61-0x000000001D2F0000-0x000000001D7A8000-memory.dmp

    Filesize

    4.7MB

    Download

  • memory/2168-68-0x000000001DED0000-0x000000001E388000-memory.dmp

    Filesize

    4.7MB

    Download

  • memory/2168-85-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-86-0x0000000076990000-0x0000000076991000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-87-0x0000000076980000-0x0000000076981000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-88-0x0000000002090000-0x000000000209A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2168-90-0x0000000002090000-0x000000000209A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2168-104-0x0000000002450000-0x000000000245A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2168-111-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-113-0x0000000001FF0000-0x0000000002070000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-118-0x000000001EC40000-0x000000001EC84000-memory.dmp

    Filesize

    272KB

    Download

  • memory/2168-119-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-120-0x0000000001FF0000-0x0000000002070000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-121-0x000000001EF70000-0x000000001F68A000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/2168-122-0x000000001F690000-0x000000001F6D0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2168-123-0x000000001F760000-0x000000001F7EC000-memory.dmp

    Filesize

    560KB

    Download

  • memory/2168-124-0x000000001F8F0000-0x000000001F9BC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/2168-126-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-127-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-129-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-131-0x000007FE95C90000-0x000007FE95D10000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-133-0x000007FE95C90000-0x000007FE95D10000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-134-0x0000000001FF0000-0x0000000002070000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-135-0x000007FE95C90000-0x000007FE95D10000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2168-136-0x000000001B240000-0x000000001B246000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2168-137-0x000000001D7A0000-0x000000001D7A6000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2168-138-0x0000000076A00000-0x0000000076A01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-139-0x000000001FFC0000-0x0000000020070000-memory.dmp

    Filesize

    704KB

    Download

  • memory/2168-141-0x0000000076A60000-0x0000000076A61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2168-153-0x0000000076CE0000-0x0000000076E89000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2168-154-0x000000001AEE0000-0x000000001B080000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2168-155-0x000007FEF52B0000-0x000007FEF5C9C000-memory.dmp

    Filesize

    9.9MB

    Download