Overview

overview

10

Static

static

1

ViddlySetup.exe

windows7-x64

4

ViddlySetup.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    141s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    30/04/2024, 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ViddlySetup.exe

  • Size

    279.4MB

  • MD5

    0cf231558b5f86b92c59c2bcfdc53df3

  • SHA1

    c4dd104e46b55b6e5e852018661bd2b56dbd8761

  • SHA256

    d8131a60bf70c99748e74fead61392321b0b899a080d2b2d30e09980cc363de8

  • SHA512

    305530185971b77d46a62c1f9bcfb83f44d27db571408570e6c3e80134c287f152c8c00369edbdc285acd1dbb42fe340007f96bdc81f222e672c35d31b255990

  • SSDEEP

    6291456:bL53o6uWPiTavCnZ/lqeeNoCF8qZpyoNFCgMJ:nBoJWC1xeNkqrnN0J

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ViddlySetup.exe
    "C:\Users\Admin\AppData\Local\Temp\ViddlySetup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Users\Admin\AppData\Local\Temp\is-EE7Q8.tmp\ViddlySetup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-EE7Q8.tmp\ViddlySetup.tmp" /SL5="$400F8,292010886,888320,C:\Users\Admin\AppData\Local\Temp\ViddlySetup.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\is-EE7Q8.tmp\ViddlySetup.tmp
    Filesize

    3.1MB

    MD5

    1b3dffee7c0bd524606a0a87f7d4a0c7

    SHA1

    cabfb4d61a7a92fb98c4e74768489dfe79ea6590

    SHA256

    c92f9fa6c1c6f0c3e8d0c5d6169b59201997274b74ad6020a5415ccd29b5f11c

    SHA512

    7c04fe6437cb2c531b7601cb303b6064890fe0fe7ac53d2a6b6fe8be90926b3520278812e425116b71fc243dd818d83a749451cbab40c1f3f96b76db5f393762

    Download Submit

  • memory/552-8-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/552-11-0x0000000000400000-0x0000000000722000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/552-14-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2104-2-0x0000000000400000-0x00000000004E6000-memory.dmp

    Filesize

    920KB

    Download

  • memory/2104-0-0x0000000000400000-0x00000000004E6000-memory.dmp

    Filesize

    920KB

    Download

  • memory/2104-10-0x0000000000400000-0x00000000004E6000-memory.dmp

    Filesize

    920KB

    Download