Overview

overview

10

Static

static

10

TotalAV.exe

windows7-x64

4

TotalAV.exe

windows10-2004-x64

4

$APPDATA/T...bb.dll

windows7-x64

1

$APPDATA/T...bb.dll

windows10-2004-x64

1

$APPDATA/T...re.dll

windows7-x64

3

$APPDATA/T...re.dll

windows10-2004-x64

3

$APPDATA/T...to.dll

windows7-x64

1

$APPDATA/T...to.dll

windows10-2004-x64

1

$APPDATA/T...id.dll

windows7-x64

1

$APPDATA/T...id.dll

windows10-2004-x64

1

$APPDATA/T...mu.dll

windows7-x64

1

$APPDATA/T...mu.dll

windows10-2004-x64

1

$APPDATA/T...xp.dll

windows7-x64

1

$APPDATA/T...xp.dll

windows10-2004-x64

1

$APPDATA/T...en.dll

windows7-x64

1

$APPDATA/T...en.dll

windows10-2004-x64

1

$APPDATA/T...lp.dll

windows7-x64

1

$APPDATA/T...lp.dll

windows10-2004-x64

1

$APPDATA/T...ur.dll

windows7-x64

1

$APPDATA/T...ur.dll

windows10-2004-x64

1

$APPDATA/T...nf.dll

windows7-x64

1

$APPDATA/T...nf.dll

windows10-2004-x64

1

$APPDATA/T...ml.dll

windows7-x64

1

$APPDATA/T...ml.dll

windows10-2004-x64

1

$APPDATA/T...le.dll

windows7-x64

1

$APPDATA/T...le.dll

windows10-2004-x64

1

$APPDATA/T...ce.dll

windows7-x64

1

$APPDATA/T...ce.dll

windows10-2004-x64

1

$APPDATA/T...ck.dll

windows7-x64

1

$APPDATA/T...ck.dll

windows10-2004-x64

1

$APPDATA/T...dl.dll

windows7-x64

1

$APPDATA/T...dl.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-05-2024 17:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TotalAV.exe

  • Size

    53.8MB

  • MD5

    b736a845b8adfe0742a94c891a2757ac

  • SHA1

    e3779a453d51caa767dba6282fed486738e50032

  • SHA256

    7a75c2c9695157772541cd426d057ff382d011a2791bcc3e511d94592ab0dbb7

  • SHA512

    9f6ba59bd27e152301f8ce3333b0ee49f09c9779b1c41ff2923d9e2ee01519ebc14d270d43f39dce48afc17a7b0829a36bf285c8514efb41cedfe0cf0b3c6314

  • SSDEEP

    1572864:j8laJM6aR4falBhcz6SL189kXej1e/33NnsC2/f5ZKt:jdJM6aR4ymzvKkS1Q33/2/RZKt

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\TotalAV.exe
    "C:\Users\Admin\AppData\Local\Temp\TotalAV.exe"
    1⤵
    • Loads dropped DLL
    PID:1584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsn4141.tmp\System.dll
    Filesize

    11KB

    MD5

    3f176d1ee13b0d7d6bd92e1c7a0b9bae

    SHA1

    fe582246792774c2c9dd15639ffa0aca90d6fd0b

    SHA256

    fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e

    SHA512

    0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsn4141.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    b3070cf20db659fdfb3cb2ed38130e8d

    SHA1

    aa234b0620bebddde1414ff6b0840d883890b413

    SHA256

    f2c1409faf2952c1c91f4b5495158ef5c7d1a1db6eea4a18f163574bd52fcad0

    SHA512

    4849a4cf24ea8a26cd04eb132d479cc093d4e204ed3866a77646d03778f4c128e20722a0c3cd62ea98a37deea4ce505fe632420158c71a10b0c8c5e32b38e3f1

    Download Submit