Overview

overview

7

Static

static

3

7eb8647ef5...71.exe

windows7-x64

7

7eb8647ef5...71.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

WinPcap_4_1_3.exe

windows7-x64

7

WinPcap_4_1_3.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SYSDIR/Packet.dll

windows7-x64

1

$SYSDIR/Packet.dll

windows10-2004-x64

1

$SYSDIR/pthreadVC.dll

windows7-x64

1

$SYSDIR/pthreadVC.dll

windows10-2004-x64

1

$SYSDIR/wpcap.dll

windows7-x64

1

$SYSDIR/wpcap.dll

windows10-2004-x64

1

WinPcapInstall.dll

windows7-x64

1

WinPcapInstall.dll

windows10-2004-x64

3

rpcapd.exe

windows7-x64

1

rpcapd.exe

windows10-2004-x64

1

albiondata-client.exe

windows7-x64

1

albiondata-client.exe

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-05-2024 12:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7eb8647ef59682e127eb5b698cb2d496a6c87790c88a69ab5bdf7f682ee7d171.exe

  • Size

    4.3MB

  • MD5

    ca91ec48abe206e26754d9cb3425da7e

  • SHA1

    b2ebe42ce04c93214675f7cb325da96fe6bb7e3a

  • SHA256

    7eb8647ef59682e127eb5b698cb2d496a6c87790c88a69ab5bdf7f682ee7d171

  • SHA512

    54ef413b7a470303dcaef9b381aea1a046ee68b787a13aec4a39396e1f5f5020ee83b80a4d9500aaf36d0b701c6401a7ded8be273f6896cfc7b09d9c25017872

  • SSDEEP

    98304:qtSp68NU3KeMSoth6yNik9wGTmK57EfxZYgy8ZEHOGYR9Arb2/pz1yo/:qti68N5eMSo36A/9NvIfr88ZfG9rb2Rp

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7eb8647ef59682e127eb5b698cb2d496a6c87790c88a69ab5bdf7f682ee7d171.exe
    "C:\Users\Admin\AppData\Local\Temp\7eb8647ef59682e127eb5b698cb2d496a6c87790c88a69ab5bdf7f682ee7d171.exe"
    1⤵
    • Loads dropped DLL
    PID:4344

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsg4A78.tmp\LangDLL.dll
    Filesize

    8KB

    MD5

    e5240dcd169abe69a7332d01106e1d84

    SHA1

    2ca68892501102586f6ab4eb99744d7f6138c166

    SHA256

    96c40847d52270061c25743bc9ec4843be1991f3ac36c2d1b78ec04a04437ea4

    SHA512

    519479d1c6bfd4fcb11e0802f9cf5eb7b324577514a986f0fdf07d33ff6a275dc5ac41654aed818d1c30e0bdda543297f4b7886442cbc93066a808cafbaf8a70

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg4A78.tmp\nsDialogs.dll
    Filesize

    14KB

    MD5

    8f45e78d9d02ca8a9f9c274a8bfe2a57

    SHA1

    9b3838e1d2d4fbc1c84e1252747e96aa1b223d83

    SHA256

    78f9594721361fd3415b8c5194f9c9b87c580d6a70ddb95f2c4743c61ce68ebe

    SHA512

    125f1bcf833e0c233ebee552c164d9726769f06e5163467888abea08048fdae60a94b903ef97ba82ca9cf684f3c027d9605d54e9efe794df3e452f9b20e4ca96

    Download Submit

  • memory/4344-12-0x0000000000400000-0x000000000048A000-memory.dmp

    Filesize

    552KB

    Download

  • memory/4344-13-0x00000000744D0000-0x00000000744DC000-memory.dmp

    Filesize

    48KB

    Download