Overview

overview

7

Static

static

3

fc17f7da8f...99.exe

windows7-x64

7

fc17f7da8f...99.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/05/2024, 17:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fc17f7da8f4b81b2bcd6ea819e1ba2a343580fd48e7c7dc2f71666aaa4579e99.exe

  • Size

    3.0MB

  • MD5

    04541cf84a71fe31db978b19c247451d

  • SHA1

    dedea75c89d2934201cd2ff431ddf84e48d36da7

  • SHA256

    fc17f7da8f4b81b2bcd6ea819e1ba2a343580fd48e7c7dc2f71666aaa4579e99

  • SHA512

    ceafe1f87ba2dfd44a8405686279fb5b223b6aff260c8d85a9cbb9bafbf69cdb3d726fd051e4cc8eb2062b4921644e7753fd4eef32f2e8cc20a97c52fbdd0801

  • SSDEEP

    49152:F17OjvrwT1ZFewUWCyx6CtcX4EwgGWh3U35p7kkMVlT8fW/79S:POjvrcG+uX4EwNmk30zoq5S

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 17 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fc17f7da8f4b81b2bcd6ea819e1ba2a343580fd48e7c7dc2f71666aaa4579e99.exe
    "C:\Users\Admin\AppData\Local\Temp\fc17f7da8f4b81b2bcd6ea819e1ba2a343580fd48e7c7dc2f71666aaa4579e99.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:4396

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\aviflt.ift
          Filesize

          24KB

          MD5

          97b3b613ed1f994389b1a963b6e781c9

          SHA1

          13b38afdfd6ea283a2012bb8e5c652e13175440c

          SHA256

          cb5f43c24df39973b983b7fda4abcef60f425061d880c7dd9514b501b84790f8

          SHA512

          97cb23d76d926fe03573c127862b738217f91b0cb61517df7514597fdc50844ccb3d4f799b9a8b23b8da37a2b802ee2bd1e56b5e9fdb699bc3d511868ffd417c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\bmpflt.ift
          Filesize

          24KB

          MD5

          a73a9c8e91ef95cf4eabadf8f7334abf

          SHA1

          763195d19f5467c593ab638dbdd0a0277a3048f3

          SHA256

          02d03c4847e34c9029cca452e37ada5ef40167406d4474a9393e11aace024c3d

          SHA512

          cb5f451d8e637d466fec2dde865d5daac5a15ea44b6e2ce0506070c123ffad506f5f9739a9ea440f01c8f331cc9d42802cc14f82e1252ac667fa7318bcdf3acb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\fliflt.ift
          Filesize

          28KB

          MD5

          91b37f29180a7bcca82dd4682d677b3d

          SHA1

          bca27cb7ddb271e6649f264777e04970f5ad1276

          SHA256

          4b651eaa60da09038984a9b7027826941f61f6da58d3f57d11349c8c1896a6d4

          SHA512

          2fb10952f2671e6a42a9748279aa94e9ce9b307d57d562f9ebbaaa88e27ca96eda36a5fa209df0f791adab7e8d896916b30330ba759b9278cac4bff43600d6e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\gifflt.ift
          Filesize

          28KB

          MD5

          9a1a0b8e7045c06c47abeb52d861c377

          SHA1

          6a1c36eb8354f62d5eab6d7c62316fd7d0e1aa92

          SHA256

          8fadc250c2afc00b0430c5df576cfd2d444367ad928027334c5d03829241cf92

          SHA512

          918a672f82be50a42c237eeb361b971c724a1d7b11cab183dfd5125bdb7663cae588fa92b142dc99a88407a133bbe58bd7bc0c5c60d93287c470375fc094f079

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\jpgflt.ift
          Filesize

          96KB

          MD5

          ba4a1f5006fc3fc33f30e82a964cd7b3

          SHA1

          8099283e645b6ef523757afdf552da3dc9b72924

          SHA256

          5bcaaff4c698581603d4165308260412b38ac6cf708486b53bda3bc76241098d

          SHA512

          8eaa1bae465a0ddd498372fcc9bd9c2b3bd9ba861abcc9158a0e3b8cf14f2a6fc8aae8fb129f96ea090c023247dec56524b2f42fa25239c08145dbe7c664a11e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\kcpict.mfx
          Filesize

          24KB

          MD5

          c9b294991fb74ae2948a01a2cc7666c4

          SHA1

          05da63881203e6a493c8f81370a4bf1197b25ef6

          SHA256

          2362d87a599e99d656a6a6e602758ce6ad2998fe0f62cbb9109e9cfe8b22a887

          SHA512

          29e26cb01114fc00124de85f81d062a4e2bd99f6f03061c7f271343a9793b84cd80f9b60efb35c0c19d3b95428492c5edee51137e1bdd0452579baed3184c55a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\mmf2d3d9.dll
          Filesize

          1.1MB

          MD5

          72bb9180f8905c0da95566b778cdac5e

          SHA1

          e96145e8120514092b35f67f1f120b958997f921

          SHA256

          3cde7a9181ab63a42cd3535d279d0ab1397b7b78fa3ddddef832757ab2024101

          SHA512

          c2c8d8c74c53a78545e69f27a7fe1a6d1291888158962e93e16e6ec9950f86e74c68bd2eb50d04db0bff58e8dc93455aa384245991c5afe34abee36fef53710f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\mmfs2.dll
          Filesize

          501KB

          MD5

          b01fccabe9d6eda59dbd2d97051fca02

          SHA1

          693addb080aa53b9b36cda7f194dccfc10183444

          SHA256

          61b3465157a959601273e13b9fac3f38fef514799ab56912ba0d82207475ee2f

          SHA512

          4185e8eafb6d9eb0cae0fe6fdd00d58fb5fa58cf3f0523ae46add17df8d7545208db7d66be24d0f6aee9b590825f9172664c9d849f7b116027deb414332627d1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\pcxflt.ift
          Filesize

          24KB

          MD5

          56f80b514fa7cc1dd7fb24ef195c30eb

          SHA1

          e61d7dcbbb623219c625bc67ed0f382f26308600

          SHA256

          c9e1db8689c11a87f9ab30ebc705eeccc0fbd909ca493a6f589d6a9a5c2a1b15

          SHA512

          f391e04bd3e67317b3bb1f9541c94782d14e8b8287f5fd3e2f753688d85cc38bf5164c8faa5dc85b8c44a480f81462a4ddc16aafe64313601d21a608b546e721

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\pngflt.ift
          Filesize

          288KB

          MD5

          d57365ca275388910be7b09d95ee65b9

          SHA1

          477e9afa81c0ba97323be56d15ade8fb17c45d78

          SHA256

          df948630fdb53ddad68d66994f5d2b18a67df32478b6b8b3720c28f40bde7b1f

          SHA512

          b6a7266c47245cdd5ccc1e4c1b490a22996cac3db53500405354d1a5892896f66aba255ff725808770489a199626a844a86cb80e081a47ed27671bd82ca1cfbb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5557cf15-ab30-4dc6-a160-7170f70506e2.FusionApp\tgaflt.ift
          Filesize

          24KB

          MD5

          00a5f50c4a0f8a2c8704fb0640dfcfb6

          SHA1

          960ff3909de1395de49bd9f36600b989851591ea

          SHA256

          756725f247592504d42c67257c3957e972ee490af06f12b00467b389e0ee6bbc

          SHA512

          2be74193a33f1b70f39be9a5565326d425ce02b6eb98b783f8749a209b95fdcbe8724c38c9dbd33e4a12b40756c5ad9177e557f62748b52be2cd7c4bc344b577

          Download Submit

        • memory/4396-37-0x0000000003180000-0x0000000003198000-memory.dmp

          Filesize

          96KB

          Download