Overview

overview

7

Static

static

3

fe5b2a5f74...35.exe

windows7-x64

7

fe5b2a5f74...35.exe

windows10-2004-x64

7

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

daemon/lit...li.exe

windows7-x64

1

daemon/lit...li.exe

windows10-2004-x64

1

daemon/lit...tx.exe

windows7-x64

1

daemon/lit...tx.exe

windows10-2004-x64

1

daemon/lit...et.exe

windows7-x64

1

daemon/lit...et.exe

windows10-2004-x64

1

daemon/litecoind.exe

windows7-x64

1

daemon/litecoind.exe

windows10-2004-x64

1

litecoin-qt.exe

windows7-x64

1

litecoin-qt.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-04-2024 01:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    daemon/litecoind.exe

  • Size

    12.1MB

  • MD5

    fdfdb87fd4f92ec8b0e6272bfa7b9687

  • SHA1

    bcc89ca319f884b51e8fee8a86d2601e76672f5d

  • SHA256

    f9b24218393ccbc15adc1ff9dfe7223a7bcdd172c898941d50890efe9d3e5ef8

  • SHA512

    8374efcb9062889f4b7ce308f947dbb192714914f1f606519f4b4ba05828c6d7f791c0a9d5b4f31486bed9896a5b6a629dbc46f98efa59e0a1e29b95db72b32a

  • SSDEEP

    98304:XiPCQNSdo8w5QAK3pSEdGTpxb/y18NgRKrNX+aY0N0NrTLtnKLYlPB/MgKCkVG1m:XOnSGGA2dylqUon0NwlkAe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\daemon\litecoind.exe
    "C:\Users\Admin\AppData\Local\Temp\daemon\litecoind.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3020
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:2636

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\Litecoin\blocks\index\CURRENT
      Filesize

      16B

      MD5

      206702161f94c5cd39fadd03f4014d98

      SHA1

      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

      SHA256

      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

      SHA512

      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Litecoin\blocks\index\CURRENT~RFf762de4.TMP
      Filesize

      16B

      MD5

      46295cac801e5d4857d09837238a6394

      SHA1

      44e0fa1b517dbf802b18faf0785eeea6ac51594b

      SHA256

      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

      SHA512

      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

      Download Submit

    • memory/3020-40-0x0000000000E80000-0x0000000001AA6000-memory.dmp

      Filesize

      12.1MB

      Download

    • memory/3020-51-0x0000000000E80000-0x0000000001AA6000-memory.dmp

      Filesize

      12.1MB

      Download