Overview

overview

8

Static

static

3

275c9447c2...93.exe

windows7-x64

8

275c9447c2...93.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/04/2024, 19:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    275c9447c218cc7a68cf7433d4290e93.exe

  • Size

    233KB

  • MD5

    275c9447c218cc7a68cf7433d4290e93

  • SHA1

    21966e6035e2de498e71cfa8b68fdf55c1a28162

  • SHA256

    830294ed270176b24fa202b9ca21376b46c8790c064b4bafd829336ce656c43f

  • SHA512

    d5e5ca6eed9891888d60ad2bbb5c99d2109458ced47a8c5a288a40ba3287010cdb5ecccedd45d13a77f97e1ba788149d1b677d67c554043500d4ba1358f52348

  • SSDEEP

    3072:fs5jAp7XSXDHAGjTmwoI+2Msl1gwW/ZJK7bJ1A50MW5UtU88q/S2jbxWGqJsHe:fsapAL/jTroImi1ArWOtU8J/SbGqJx

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\275c9447c218cc7a68cf7433d4290e93.exe
    "C:\Users\Admin\AppData\Local\Temp\275c9447c218cc7a68cf7433d4290e93.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3984
  • C:\PROGRA~3\Mozilla\gfuniul.exe
    C:\PROGRA~3\Mozilla\gfuniul.exe -lfdzfzd
    1⤵
    • Executes dropped EXE
    PID:1932
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1932 -s 448
      2⤵
      • Program crash
      PID:2948
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 204 -p 1932 -ip 1932
    1⤵
      PID:1852

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\PROGRA~3\Mozilla\gfuniul.exe
            Filesize

            233KB

            MD5

            1f1cd72934290d4943a2981779ec07c3

            SHA1

            15a8995dd1264828e9bf1a055f1f3473ea34aa85

            SHA256

            fc57011b6ee6a2819f19de77a69a07523e7c5f046832ca1004a9d62fb870b340

            SHA512

            e6b5d9b040c4fd458254e39a8a63d3f91de076498d69e65932dc5425d3927ce33373bae9ac0db56857be8b3a8c2bc5b874c6b8970399a7590460d3b7c398e29c

            Download Submit

          • memory/1932-9-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/1932-10-0x0000000000C70000-0x0000000000CCC000-memory.dmp

            Filesize

            368KB

            Download

          • memory/1932-11-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/1932-12-0x0000000000C70000-0x0000000000CCC000-memory.dmp

            Filesize

            368KB

            Download

          • memory/3984-0-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/3984-1-0x00000000021E0000-0x000000000223C000-memory.dmp

            Filesize

            368KB

            Download

          • memory/3984-2-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/3984-8-0x00000000021E0000-0x000000000223C000-memory.dmp

            Filesize

            368KB

            Download

          • memory/3984-6-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download