Overview

overview

8

Static

static

3

d10e886d53...04.exe

windows7-x64

8

d10e886d53...04.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/04/2024, 21:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d10e886d53b71dd48fc31ed6b929b75ad1d3eb21c737c261ce0f1f133eaa9a04.exe

  • Size

    243KB

  • MD5

    30161a52be12c23cdc656d8f06f128d1

  • SHA1

    7c466c57b78231b7c98dfbb551917eae2fa1f964

  • SHA256

    d10e886d53b71dd48fc31ed6b929b75ad1d3eb21c737c261ce0f1f133eaa9a04

  • SHA512

    d47d3227056a6af7f56874bdcfc6c7b8ad2a53c7f9127ba2ecba0d5ee37dcf82b6749b7a62613f89ab48774bf875a867225e6b33549e42804dcfbf091456333f

  • SSDEEP

    3072:hHk9UjrL5vSfmQcs3/Mp9jKsKKA1PQrVZXAUN1zHXyLlnem+eDlbn:h4UTxSfmQcs3+hKsXGKVZ11ziIm7l7

Score
8/10
persistence

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d10e886d53b71dd48fc31ed6b929b75ad1d3eb21c737c261ce0f1f133eaa9a04.exe
    "C:\Users\Admin\AppData\Local\Temp\d10e886d53b71dd48fc31ed6b929b75ad1d3eb21c737c261ce0f1f133eaa9a04.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4824
  • C:\PROGRA~3\Mozilla\pyhdnkm.exe
    C:\PROGRA~3\Mozilla\pyhdnkm.exe -iiopsym
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:5024

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\pyhdnkm.exe
          Filesize

          243KB

          MD5

          7651ca353b04469d7c1bafb7e506ad83

          SHA1

          dcd313d2a773c22f1abb36eca944d2df0b4cb04b

          SHA256

          a99bbec724255a90523792065db32d39e6f9ff9a69506d7c933c68d49f51e31e

          SHA512

          28877b22346d335ab3890c0f3b4a7eaff7873e62790aeb7d5fef35c14087ecca14e10e1f75c3a449156a4f92322e6dd882ee9a78675627dceab2b1c01b56efc8

          Download Submit

        • memory/4824-0-0x0000000000650000-0x00000000006AB000-memory.dmp

          Filesize

          364KB

          Download

        • memory/4824-1-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/4824-5-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/4824-7-0x0000000000650000-0x00000000006AB000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5024-8-0x0000000000C70000-0x0000000000CCB000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5024-9-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5024-11-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download