f982c687ceca030fc9abc7f4f28960e701d5a83b3a539b0633ab1b628ac86d0e

Analysis

max time kernel
147s
max time network
128s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
08/05/2024, 22:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Sonic3D2d 1.34.exe
Size

21.0MB
MD5

3d63fda703ee81f3c73931d53b6c4662
SHA1

13e61794c42c9fb382b5ee358a2c83344cc7e55d
SHA256

5d8ad960833081babab1bf47f0ab7eb0f539401d1405892c04f6370e68b3cdce
SHA512

8933f15726866d3a25715580ff2d1e41ea7826d2d3e4a749aac6ab3f28848634144b92494032606d4b6e7bb62eda99ea053131b3841ccc22cf7c2adb0127a6c3
SSDEEP

393216:vnzrYqvkbXVATkTGPyeL9QjMlXohgLMpaQBiikWzkm/ytJJJH3s8X/n8IdJFy:fY5oawJ4MlXowMpxBhkWzkf3JJH3ss/A

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 40 IoCs

pid	Process
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2484	Sonic3D2d 1.34.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2484	Sonic3D2d 1.34.exe
2484	Sonic3D2d 1.34.exe

C:\Users\Admin\AppData\Local\Temp\Sonic3D2d 1.34.exe
"C:\Users\Admin\AppData\Local\Temp\Sonic3D2d 1.34.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\Capture.mfx

Filesize
36KB

MD5
ec4e21808b63ecfc58c4d8b98fcdd058

SHA1
446086f70bea11c34e617889e7f508dd3f33ef10

SHA256
e6843e64e5dd21476955bf3dbf74a20373865bb52a52fa3fdef26692b8adebbd

SHA512
f8b89704d668d7f9429be3cdc109ea4d35521edc38303cd875f4554f6d18af05adf325ddd93ba30c990662b9f7d72236b5e5da6f0989bb0ed2dc625842d5d074

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\ForEach.mfx

Filesize
73KB

MD5
2dabe793c09bf89d1804a5782e1eb755

SHA1
4644b57822ce69065b12708a00a1c855a6808dd4

SHA256
2e3b169f989ce609b2dc4aa052343937badb1fbe41a702bf8327af9912d935b2

SHA512
733249817df2e511d14d855a229ea4bd1383d2659504aae6e3855117c4fd13beb19db1fafce752c9913f8c3341f62d03bb8d37619317be55580dd04a44b02977

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\FormattedText.dll

Filesize
62KB

MD5
a03920b4d31410398b7865c0504b7e7e

SHA1
b956e4ab1bc56484ed3e86197e68aadc6291f842

SHA256
c32833509d7230f4b9ede6141a663622edbbbfe8856e8ed8b96b200bce8c837e

SHA512
337bc2951cf21678b396bbb37bf0d6e099c6d9467660742bb54db7912b1ab9b56bd168b4afec9fc58ced12e3ec205b84ff524f62b7d3ea1382d4a2ba7fc48865

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\Joystick2.mfx

Filesize
176KB

MD5
df4c6848a5f210cf3f95a2ab0dffa999

SHA1
1387ed0d1ef88452adeb2518da3793c6f18edfd4

SHA256
883a9396602369da3c109c869119fe075442925450081f2881d67be0764f3eec

SHA512
b8962d56234c9188c9deb4587de334e0e9ba495d265dbddcf0ac59e5207a9d6ac0cfa84b9aa7029650d60ed71d232f66267cef7c287a9ec25eb5ab3ceb26e676

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\KcArray.mfx

Filesize
32KB

MD5
e6e75d5e75a02743fe0efd673620bc5a

SHA1
5366b499e6413f6ddbbf53ce3ba4da3da260f69b

SHA256
4acc16898136313b0ba79b458c33f8d2194edb7f398124800bac70796086e5f6

SHA512
efb1bac52b282fbea2b7003697ba959029b362a3c35c96c30d155636f1bc3735b858d80002427d575570c456318b4095d4b9443b24fa63f57211083a978f916a

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\KcBoxA.mfx

Filesize
44KB

MD5
08ac00f4d05e68d8b5ab6870bf1f076e

SHA1
b8eb503bf860df5938df5cd59cea47392d129217

SHA256
1cae93696ec030be6317a338c3c8bc4274a53632c03ca60aab0bee59d361a380

SHA512
1da050749fb1e8f2917e550a86933b9f69cf4e972f1a166d0c24a2c9e1307fbad88aad36e7f1082d481c116f36e8e2b3327d630c136f02f6f465835fbd76db2e

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\KcBoxB.mfx

Filesize
40KB

MD5
86d2b0df60742ad2678a9b6f8683ea7b

SHA1
9c37306d8f55f4be975dc9c35e2346e5a7916ff9

SHA256
7f129f2a2305fbd396661ef2910ab48346d589f20ebc7eb85249ecce80d307af

SHA512
9d8d5e1583d5d6eb88be7a58bd2ec5676b3ca34c71931d0a6a755333be231f810765f8b9b8725c53360dfe0da863b97aac262740c159e6374326a723f36632f2

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\KcButton.mfx

Filesize
40KB

MD5
b848bbf535366b6053f7bc8ab87fc5e0

SHA1
19d8a51062201531ff58c898925e53490c22213e

SHA256
94cea0df9febe19fc2e1a905bd7df0bdab63797a42a7006f14bc8838003e5a45

SHA512
cc6df5fb9ef537a255faefb890ffd07556bffec5abd6a914afeb004b77dede2db21dce1179a36b8641e7150e8c466345a58288835722639c1fbb7e5665122543

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\Surface.mfx

Filesize
301KB

MD5
9abb781bbb65b1c9649d5cfc124a2ed4

SHA1
d49c6e43cfbd6f360013b907d09b6eb7a43b9d2d

SHA256
e6bd038aaf37b486d326d9e1dd1a1c2ebf8eff51809a564245006bf3b25ba976

SHA512
f396a57d441d657ee613be1f7fdccb27be5df9c34ca930dfe6aea7d95acca5dc25988212697b89e46ad73273f90d4c07f17c888892a8f74ecc9c22a72399a821

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\ValueAdd.mfx

Filesize
101KB

MD5
32f45a7981e0796b2168bec9cc704f04

SHA1
d17202262b1d20a90e11dfd5dfbe0e34f73bdebb

SHA256
a921c2914a0d37e0f61e9b13384151819fd2f0738aaa6cd0de0f1983aa3a43f7

SHA512
0c6ef0bc4a00199459a22b779af97f9947a639b4bcca63cbbd2b404e11964abe03313bf85b67af31fd8d96f48609410bfbf39ad935847a286153a15435e46e30

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\ZipObject.mfx

Filesize
56KB

MD5
6dc3313ac3c6af1c32804740cf383b7b

SHA1
38820d8116a6dc43c281312b6d4860d17454c277

SHA256
f2d9521ab7a1b67f5574f6be832a98960a28eb659cce2189440078a708980097

SHA512
eb12898d2611a2a3114b19a0ea0530aebfe9796b5ca0a075d9ddea863852dab82640b6129a778338964cf8d8bb397c9a8aa180d92b653e4d4a949f405b5fe40e

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\aiffflt.sft

Filesize
6KB

MD5
0bc2cc0ecdd4c4de5de9decb6a19f7f7

SHA1
3eb4101ba36b631aaed433f698c8260477d6faf1

SHA256
edcd28bc69e9538d90f4ab40ad86a67e3964b8a4575152c0b4c9c1c6833c00f0

SHA512
9d357afd70fdd2b5216816a12bd2dac8f3b9112e9425cee9b066993bb5a3732dfd7ff73a9ca7b72e927dec3950f17b87b3e00b3cacc2096571abbaf80ae6467f

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\aviflt.ift

Filesize
24KB

MD5
97b3b613ed1f994389b1a963b6e781c9

SHA1
13b38afdfd6ea283a2012bb8e5c652e13175440c

SHA256
cb5f43c24df39973b983b7fda4abcef60f425061d880c7dd9514b501b84790f8

SHA512
97cb23d76d926fe03573c127862b738217f91b0cb61517df7514597fdc50844ccb3d4f799b9a8b23b8da37a2b802ee2bd1e56b5e9fdb699bc3d511868ffd417c

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\bmpflt.ift

Filesize
24KB

MD5
a73a9c8e91ef95cf4eabadf8f7334abf

SHA1
763195d19f5467c593ab638dbdd0a0277a3048f3

SHA256
02d03c4847e34c9029cca452e37ada5ef40167406d4474a9393e11aace024c3d

SHA512
cb5f451d8e637d466fec2dde865d5daac5a15ea44b6e2ce0506070c123ffad506f5f9739a9ea440f01c8f331cc9d42802cc14f82e1252ac667fa7318bcdf3acb

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\ctrlx.mfx

Filesize
44KB

MD5
ceb8b2e522d0aaaecdf69b3bcc89a530

SHA1
c1cf769a96a9612f7fd0c1965413f4a57e4907e1

SHA256
3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

SHA512
3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\fcButton.mfx

Filesize
56KB

MD5
22b13517a863fadb37c909b2faaa705a

SHA1
3f2ddb61df1464442756fccd1898613dbf1787cd

SHA256
4e005c44f0a44d3f1464a75a15cee1a8653b3a7c1c26fd2796ced7f0a0b1241b

SHA512
75c26544106d22618557cd10565d5fdd59541b1031521dd397b3cc357cf13e0273c792918c63778714d1c4dadcc6e3f17f984e14e36964ccbad04b67dd2305af

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\fcFolder.mfx

Filesize
97KB

MD5
cb4a2ab97e3a54ccdd810e84c63b2df6

SHA1
922f4620ba9e99a7887822901835d883725c6a08

SHA256
a148318739121b15fda86588f826daa8b9fc3f2da56f9b8d9e9a685a8e832bd7

SHA512
ee726de3f9d3f2b45c0f2f7f814f19e637f086f174ee1d3b6d3b721caf09ae35560040fbc3f02adee3ade52f1cf46ab4c28ad98ac77af55713c712c605b240e4

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\fcMMF2params.mfx

Filesize
60KB

MD5
fe2e0e4191547da925a6ebff4bb0dc9c

SHA1
7c72b0391b02140385df169a6ff0e3451cf900c5

SHA256
4566dba384923ae0281688e19d765ca033a9c03c611efaab7999938585a18d07

SHA512
f974be1a139aa1a697077f2ae895c08ee170f54d72e887df991ad28052e4acb57171092015adf5d3e0fcf05337a34e1651dd82a6af1343520a66485dfbdbd91b

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\fcMsgBox.mfx

Filesize
63KB

MD5
99b871a03fc7a3e55f965c35670398ac

SHA1
d9c058fa6414aeef5c8aba262df8803335c7dffd

SHA256
a7078267ff7d905b45ed5496a03a14ca6b7f50f17f7a23c5e6e12dd2e7920bf2

SHA512
ca374f25b570aa2f53d4247fb411700163b9ecbaf332f06388d4fdfcafb4c65f9612ea39b7c1a5d39d0146d1a6111c3257f88e88ef20711188b5fdbf16b73ce2

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\fliflt.ift

Filesize
28KB

MD5
91b37f29180a7bcca82dd4682d677b3d

SHA1
bca27cb7ddb271e6649f264777e04970f5ad1276

SHA256
4b651eaa60da09038984a9b7027826941f61f6da58d3f57d11349c8c1896a6d4

SHA512
2fb10952f2671e6a42a9748279aa94e9ce9b307d57d562f9ebbaaa88e27ca96eda36a5fa209df0f791adab7e8d896916b30330ba759b9278cac4bff43600d6e2

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\gifflt.ift

Filesize
28KB

MD5
9a1a0b8e7045c06c47abeb52d861c377

SHA1
6a1c36eb8354f62d5eab6d7c62316fd7d0e1aa92

SHA256
8fadc250c2afc00b0430c5df576cfd2d444367ad928027334c5d03829241cf92

SHA512
918a672f82be50a42c237eeb361b971c724a1d7b11cab183dfd5125bdb7663cae588fa92b142dc99a88407a133bbe58bd7bc0c5c60d93287c470375fc094f079

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\joystick.mfx

Filesize
36KB

MD5
9394a05326bf57420b77ac9712b9944b

SHA1
80ab9a741fef66f2c4b994fdfcf7b16eeef559c2

SHA256
2b4346eab390370db0f7ed1261e3c38d36d749c078b235f63be62a4317e33eea

SHA512
4a6884700f61e6cf755913cdfd35ab80dd6a6d211775d0cf534f72eeab3e1e2eca386a27ddede00e90fe5a6e09c132e0e6d97fbd78803b9dee13ea4f452572d6

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\jpgflt.ift

Filesize
96KB

MD5
ba4a1f5006fc3fc33f30e82a964cd7b3

SHA1
8099283e645b6ef523757afdf552da3dc9b72924

SHA256
5bcaaff4c698581603d4165308260412b38ac6cf708486b53bda3bc76241098d

SHA512
8eaa1bae465a0ddd498372fcc9bd9c2b3bd9ba861abcc9158a0e3b8cf14f2a6fc8aae8fb129f96ea090c023247dec56524b2f42fa25239c08145dbe7c664a11e

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\kccombo.mfx

Filesize
32KB

MD5
d65a417eab8450e73f92585214df6621

SHA1
e82d9d88f9f27152f88ab9c46be91f42057ab4e4

SHA256
046d8726045276064396972fa12421d7d83b7d665d23d118e04a9e94bdcd1c49

SHA512
707f22dd54ae34bf2915e2eaac8f35331fa3e6d55b133a9b503cabf0c3edf2a6ba8586cc33cbb95eb27e79c836e17f9c3bf2525b8ffb284938ec7bf9cad9b14a

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\kcedit.mfx

Filesize
32KB

MD5
62f67209e7995da3f14f4b697235a99b

SHA1
158248b41de5449ef647a2caeda431dc544aa59d

SHA256
1fb56c1a5fb313c8c51fead10472566328c9260aacc72aa8dde8d345acf53203

SHA512
3857939c51b5045030df233393597b9b56a0534a2ea570d748a002b19b0b20de16b0d5181cf9eb6180d24b4de0a159e21275d12bdc7673a3f891ce155db42325

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\kcfile.mfx

Filesize
116KB

MD5
fe2b4c6a45ce244f1c40f730008465c9

SHA1
9dfd41a915c19a4520a3024e9133e9a24e61779f

SHA256
7daa995fbf72b941859177b08b2785dc107f1a3deb99f6ab4c675d2b0f03a06b

SHA512
caf9e1bba2a5560b73c47d116f0f0f016a88f54e5397499fcd5b8a648bf676b93eb255a32fe7f71f0462b481737eba2d01cb9e790b75897c44ea741d73867b39

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\kcini.mfx

Filesize
114KB

MD5
7c0cb7fdc0d3519520cd4b8137edbd80

SHA1
bd4eddd8316a51baf4a3ae68b56acfbba734f46c

SHA256
d1471b2685d45956c323baa2cab11dfe479eb1021f04e2949f03557527c5fc84

SHA512
601c16892bef77d5842e0778f27d4f82e19ae66333b2b75c9a34b3ba6441169946e1167ceb21ed270bddba305abfe50f2e8f8ab2e9dc410c96a31944e597034a

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\kcwctrl.mfx

Filesize
79KB

MD5
2c34e977f898ab60eddb72075c4be223

SHA1
adf883dd06e5ae340a03e6c22a56a4c0caf909ea

SHA256
a0ada42e3a4760097c1c2f98905f12b19de47159543aa21e1c604dbcac7337f2

SHA512
73402857d09e5a0e8049bb7adf3bbfdfc9ac65966217751cbf6db2bf532aa3f92ffc3a1a5dcda638e83d6ede29ebe6e760cbad74d27aa6fa006c9296607d3c37

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\mmf2d3d9.dll

Filesize
1.1MB

MD5
72bb9180f8905c0da95566b778cdac5e

SHA1
e96145e8120514092b35f67f1f120b958997f921

SHA256
3cde7a9181ab63a42cd3535d279d0ab1397b7b78fa3ddddef832757ab2024101

SHA512
c2c8d8c74c53a78545e69f27a7fe1a6d1291888158962e93e16e6ec9950f86e74c68bd2eb50d04db0bff58e8dc93455aa384245991c5afe34abee36fef53710f

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\mmfs2.dll

Filesize
510KB

MD5
1e0e5acec2f2d3567c40491e39aa8f50

SHA1
101ec3bbd32c005b12b38c0f7988faa9329a019f

SHA256
6c9ff6036404e71b0bc2c12bc739eeef0d9200925f5796487af2aa4ef5c5ef97

SHA512
80bbdd2dcc44494a53b14098b7e99db7c20b40650938454105b423e70906ad7371274ed73d3fccd114b9396112a695aebf37f6916976a972154cd562d10e01de

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\modflt.sft

Filesize
139KB

MD5
70498f33876a06f47b33e52195031b20

SHA1
6fd8f61459a0defe2680617fd98a4055f294756d

SHA256
103a430a1d385a8f98543f156c57960c92ed68e3c462d8ce1bff23fbc68c04e2

SHA512
e12ef9b5cecd9903bbe96c0cd67b624e5796265e6e995f371b23b707d315225a47248e45fb54c7b76edad9a0af62eccf1dadf850f0352ad8bf4d31f38c9e768b

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\mp3flt.sft

Filesize
24KB

MD5
dadc138be9d36e6e4b8e4bf9ef2de4bc

SHA1
2758db786c544ec7889f26edf9bc4634c9240af0

SHA256
ddeafda7b28bf7545e3ba164aa4a74219eb961c36bb974e0f5085a07daf18f44

SHA512
63a21c5eda225c7fb8a67595c3180d4fdc1bc37d3b45f839e1b562ef946bf5b2237a9ff17c3f6f5de489779bbb9652ac2a1a74b83f153883bd436756acf249e1

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\nvar.mfx

Filesize
248KB

MD5
0b72d5abded8d8487a84df2107afef5c

SHA1
f2fc96cd0cefdc10186950fea358a533b0257061

SHA256
4810fabc8fd8ded043956dba203a41361aaa631d04b650c7b31e4a978b03a605

SHA512
f2175307b119f0d2c1747767aa08d1f8183350b67d0805dbdda87bf1853013d58bc153c10364962569876dc38d7cecbb5c7a947aaaacd71a1ef0a215b0b52a40

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\oggflt.sft

Filesize
130KB

MD5
0c8c1ee3ba92189f4ce21d1b396a2765

SHA1
b7daa4a6e16416151dccbb0a89f304961b6cb627

SHA256
9e589f86317d840df9bb74f6ee20c24ca65afe58f4009740382f63a0f5531941

SHA512
0a4339092ac55bac3b1bdfaaa3401020f8f49918bd2fdb14524f3d558eb840b876aedfdeb54a1da163fa36393abf3fe8ab7e112a34ea9d891e82a22e96c85ddc

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\parser.mfx

Filesize
30KB

MD5
5903e2efe098dae179c07d670ff836b7

SHA1
93a2ce92a28c646735790d2cc9ff8959cc6e0c11

SHA256
9813631f63f79fbaa741094786d4b13c34515ec4a33c0d4e88b75a20973c887c

SHA512
e39bb67dc8765558274f93953de141e17de18550912bf79a94a2cc998918d07631a0251551abc080363ea52444c1511f15458232d0c656d8f62550d33756e740

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\pcxflt.ift

Filesize
24KB

MD5
56f80b514fa7cc1dd7fb24ef195c30eb

SHA1
e61d7dcbbb623219c625bc67ed0f382f26308600

SHA256
c9e1db8689c11a87f9ab30ebc705eeccc0fbd909ca493a6f589d6a9a5c2a1b15

SHA512
f391e04bd3e67317b3bb1f9541c94782d14e8b8287f5fd3e2f753688d85cc38bf5164c8faa5dc85b8c44a480f81462a4ddc16aafe64313601d21a608b546e721

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\pngflt.ift

Filesize
288KB

MD5
d57365ca275388910be7b09d95ee65b9

SHA1
477e9afa81c0ba97323be56d15ade8fb17c45d78

SHA256
df948630fdb53ddad68d66994f5d2b18a67df32478b6b8b3720c28f40bde7b1f

SHA512
b6a7266c47245cdd5ccc1e4c1b490a22996cac3db53500405354d1a5892896f66aba255ff725808770489a199626a844a86cb80e081a47ed27671bd82ca1cfbb

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\tgaflt.ift

Filesize
24KB

MD5
00a5f50c4a0f8a2c8704fb0640dfcfb6

SHA1
960ff3909de1395de49bd9f36600b989851591ea

SHA256
756725f247592504d42c67257c3957e972ee490af06f12b00467b389e0ee6bbc

SHA512
2be74193a33f1b70f39be9a5565326d425ce02b6eb98b783f8749a209b95fdcbe8724c38c9dbd33e4a12b40756c5ad9177e557f62748b52be2cd7c4bc344b577

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\txtblt.mfx

Filesize
36KB

MD5
8740745e7af7926a0e7d3b194fb51fdf

SHA1
d7688925efd0287334d444a9e4bd584177ed0fbc

SHA256
09a214d9738946b14c4470ea95b45de41641e5d69b7559dbf336f7b4624859b0

SHA512
dc52c25b588f386cceb0eef912e0ac38ffb07443011c957ca3d0fda8c2c6d41e8fbcb33dfc1b7c5ff469216cd8c233d5025b88575bd10684827c18fb5ef52bb3

Download Submit
\Users\Admin\AppData\Local\Temp\67ff0c23-6608-4a69-af28-ef341773f279.FusionApp\waveflt.sft

Filesize
8KB

MD5
57ea61dd14314ef155e80c6a0be8a664

SHA1
963b0ef2fe976ff77044a821fe1e29be4a8cf8a7

SHA256
92a5053cf5973a6aa228c738d55387f12f1dfa8a837d7b938c60f05b6b56b3ad

SHA512
cc23cb30d76d22500c3ed7ce9ee0388588309d0779441b95559fce25a42f1eff52ca285c347655f8b33c15b75f9d2067738a151f81f605d3b563799a3a06c9a9

Download Submit
memory/2484-64-0x0000000000210000-0x000000000023E000-memory.dmp

Filesize
184KB

Download
memory/2484-67-0x0000000000250000-0x0000000000266000-memory.dmp

Filesize
88KB

Download
memory/2484-75-0x0000000000290000-0x00000000002A1000-memory.dmp

Filesize
68KB

Download
memory/2484-57-0x00000000001A0000-0x00000000001BC000-memory.dmp

Filesize
112KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads