Overview

overview

10

Static

static

10

08a035a9b3...46.exe

windows7-x64

9

08a035a9b3...46.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-04-2024 18:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08a035a9b3a608cecd84b29eeae205174100acb58237036e727de33944b50e46.exe

  • Size

    276KB

  • MD5

    0cd6b4f27d0d9b6d3099545df3027dd8

  • SHA1

    eff67c1959150380821edcd2f27660a60638fd7e

  • SHA256

    08a035a9b3a608cecd84b29eeae205174100acb58237036e727de33944b50e46

  • SHA512

    191df90d84e2c30e6a8af047cc3ff07de66b7403d2d9768cb33eea5e8bd290c6faa10bdea6a15b7ff5b355c85b7544a1bf55b92e8e0eb4d3e47a3f0f081ec370

  • SSDEEP

    6144:yFpiTSfDhpOQAYg718kVFRCHplF6UoLGqpXK:FTSfDh7AL18UwJbhWXK

Score
9/10
persistence

Malware Config

Signatures

  • Detects executables packed with ASPack 2 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08a035a9b3a608cecd84b29eeae205174100acb58237036e727de33944b50e46.exe
    "C:\Users\Admin\AppData\Local\Temp\08a035a9b3a608cecd84b29eeae205174100acb58237036e727de33944b50e46.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4084
  • C:\PROGRA~3\Mozilla\hdxpvzc.exe
    C:\PROGRA~3\Mozilla\hdxpvzc.exe -ilrweca
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:5064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Mozilla\hdxpvzc.exe
    Filesize

    276KB

    MD5

    80f0240c24259eaa79b11ed80aa4aa1b

    SHA1

    1c4ddfdcf22e8324e4ca8b7504a415d78a0d47fa

    SHA256

    16473620b0c88d2d9c6b4c8f38753ef0147176e32643f220e081b0ea5b0206fa

    SHA512

    77055b67ae5b8a58384e75152d74bb2eaa14aaec7e356c6bed957045385974ed269b00744f45c6f3528fbf445189bd0eb3b00c0de281a6ae20688b38300f1d32

    Download Submit

  • memory/4084-0-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/4084-1-0x00000000021E0000-0x000000000223C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/4084-2-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4084-6-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4084-8-0x00000000021E0000-0x000000000223C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/5064-9-0x0000000000D60000-0x0000000000DBC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/5064-10-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5064-12-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download