Overview

overview

7

Static

static

7

Fresco_Set-Up.exe

windows7-x64

7

Fresco_Set-Up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    18s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/05/2024, 17:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Fresco_Set-Up.exe

  • Size

    3.0MB

  • MD5

    5adfece3ee9fa5ecc4c11efe56a90e8c

  • SHA1

    2657817ee4318a1e196960803cd8a6151e03d090

  • SHA256

    f7a7b683673b765a8d1ec0ed59a6ff38ff07c2dade2090d75444cdc5ea97abee

  • SHA512

    a6dd1a1bad92b2a614ef8f029ebd9574364df92fb29abdd2d5dee5e38c172db0fbb5f9af9f9c92a600e46ba06bff0c6fe089c64f7b54f657f7117406479e31ec

  • SSDEEP

    49152:cZnCRw3438x0TVDKNxOafuUYUc9no2IWkAyf1CQ+v5XxCv6Px8DE:cARw3UJKHOa/Xffs0S5j

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 4 IoCs
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Fresco_Set-Up.exe
    "C:\Users\Admin\AppData\Local\Temp\Fresco_Set-Up.exe"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.adobe.com/go/download_FRSC_en_US?mv=product&mv2=accc
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2424
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1140

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ecc864dd8bb4796145c1806ae9f990ad

          SHA1

          a9df7fda1da6c7804e965db9920f7acc6ddbb3fd

          SHA256

          c55511bd0b861cdbe6ce8e0a107c400792aeae0aac72995ef567dbcdc655cbbd

          SHA512

          c02d863f8667f803bde32695081e4b307f79534abd3747d44ebbdf9ab878289cf7a3420806bf21b4845ade0c1ee6e28fabd5e9b621dc843e0110ab22d6bb7cc3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6d046ed168294a5869c395cbb0a31667

          SHA1

          bbe3fb9318dc351d727b3ebcd7e2e733a16498ba

          SHA256

          5938251ccf57fcc0696c89b2db697492503ea82fac9a2791b0c4d57094b7ddee

          SHA512

          a211ace60905edb95c9103e3eedd71d44ed33c8418b0a878d1acde15b21f0d25a48a2b356825e8c200f0ca16fe538882e8fe5539b597325c7a9daaab7e1f7266

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d7668659fb2eb286d7f8956cfdfff213

          SHA1

          a88d25b889177321508f366f70b1217fb18dcf08

          SHA256

          ac1fd1e1ab77b3d4efdde3aef69047a03104069e4e6a8f0ce0bc0f46916ec168

          SHA512

          92cbe658c9103ed03d1df6ac2459be0acfd3464583193d233792432f3eb681f3c233a4ddbd809b4b8aa94e207063283c7a77c61ff8c0287fc2e2b14c286ab5ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bcfad4fa2d7b4e84caaede5039e99544

          SHA1

          8bbc0435611b4949e7a995e14011473d80ed12da

          SHA256

          ac262815cdfc71be53dc5b908166601377407193e757da132b063baf27d5f7b3

          SHA512

          f857320996324fbd1450623fe0c9b5b4b32c4f505f125a3f2f5dc291531467c8bb8a98ba831a2c3ed31eb61458fce0afadca4a825bc98721f14660f2bc3f8999

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f5a2d120cb6e08b417bd066385c34d22

          SHA1

          6be25f57be505cef6503339ee98a3e00010973aa

          SHA256

          4d65d74c11818e00aa2f89d47121f20dad7eddcec9009bb6648c975e540a92db

          SHA512

          bede91654ac913ce300c6501174ac3cb46b2abe310cbe8db63130cf6f2c87df1fe0ef826e5a184e5565a91e759365ee80486c2464193f848a062eb81cab001c4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          01b5e5c17251e876960786ddac29867a

          SHA1

          3e4a04c16343658b8cca2a052e0dc0168f6ab15d

          SHA256

          9a0a84336070fae32f0cb3a30e7e8406464b9dd165954d6f1961ed6e012a4070

          SHA512

          0dc07a25d81e3f2f703092640e23897c51bdf8c1d128b4ff17c8ee44dd8204352c1158544a3cd139b11711a6861cf718480ddcfd1cffe0a2e03ff3781b4e35e4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5c59291e0c8c5087c0358c7462ea564e

          SHA1

          41d24b743383373a3282dce825f60b3c4f09ca37

          SHA256

          ccd1ee5114d135e1360827d8d41cceca3c97ff8bbe97fa7fd309a9cc7f26b863

          SHA512

          8171ae48f883b5829ae3a5016b837c31cec5fa165dc1247e6a44a6b38cf0885dbafba7543fa9b3ebbe8cd0abd0f49019c65216e0cd1ed21083c5aea1a6f1aa0c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e7a6b5e84f25e45fbb439c9342fa12d5

          SHA1

          e5d2272892ba91d13e27ac61075ac3527ca47db2

          SHA256

          45782bec7f2ce3829672bcf421d39c246ba9b7a56c857c30ed696a258cb7be1b

          SHA512

          7dfdd522b4272c5baa505ee19ee67bfa4ad560de4f809bdcf5df5216aff466d5ee13104879721058888767cb6ecdc12f372fb3bee64b10c5f8e13cb1b1651f84

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          456eb1284de8ad0bebf495463bf0c6ca

          SHA1

          54c63ea381348165f09b05ba44e1496144dc5063

          SHA256

          ae4f339bc069cc4e91ca33dc053b74d2a689a12835d7e54ded94c7b3279f8726

          SHA512

          c6e592fdc8c07ee3353fddc6c7ad1aa0ca9d45a77964a8f94c3d646edd1c2856fe865f6bbbe414dadf174a3f931c97f58837af0ed9f4c67beceaa67fe9f8e9f5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7f3568f52d8bea9718e1013a3ca2f7e8

          SHA1

          4b601a0e5d70f22e1900524852a9259724d32315

          SHA256

          04d1155e02882ef2380ee5b73095d730b6296b48a7d62855277a6028122dcf2f

          SHA512

          aac4d4415a72625bb68681c9b5cf2109d9a4736bb26d2e4fa97552069c02b0437520cee606b5757a1665001ef727e42153190441743ae36865b3db550358a94b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5C44.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5C47.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5D28.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\{6DB16953-C391-415E-98C0-1C4740965AD9}\CCDInstaller.js
          Filesize

          1.2MB

          MD5

          fb970bc9889933229160723a60571dde

          SHA1

          b1b68348b77101b31bea510311c6e85451f833fc

          SHA256

          39e34fc3dfd74d25631ea2fecaca70a5d767b5f3f40f24380237dc06a80252e2

          SHA512

          65c4b44e42c7d94a89be9b18ef7589f16f247f47f459da2e8b59b4ffbbba25cbb07971f8484e9bc25bd8c6f953a291ab9384a154aab9ad1572375b3b30c31886

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\{6DB16953-C391-415E-98C0-1C4740965AD9}\index.html
          Filesize

          426B

          MD5

          a28ab17b18ff254173dfeef03245efd0

          SHA1

          c6ce20924565644601d4e0dd0fba9dde8dea5c77

          SHA256

          886c0ab69e6e9d9d5b5909451640ea587accfcdf11b8369cad8542d1626ac375

          SHA512

          9371a699921b028bd93c35f9f2896d9997b906c8aba90dd4279abba0ae1909a8808a43bf829584e552ccfe534b2c991a5a7e3e3de7618343f50b1c47cff269d6

          Download Submit

        • memory/2512-0-0x0000000000940000-0x0000000001305000-memory.dmp

          Filesize

          9.8MB

          Download

        • memory/2512-72-0x0000000000940000-0x0000000001305000-memory.dmp

          Filesize

          9.8MB

          Download

        • memory/2512-31-0x0000000004B50000-0x0000000004B70000-memory.dmp

          Filesize

          128KB

          Download

        • memory/2512-14-0x0000000000480000-0x0000000000481000-memory.dmp

          Filesize

          4KB

          Download