Overview

overview

7

Static

static

3

434fc731b1...18.exe

windows7-x64

7

434fc731b1...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDIR/pwgen.dll

windows7-x64

3

$PLUGINSDIR/pwgen.dll

windows10-2004-x64

3

$_2_/Downl...er.exe

windows7-x64

1

$_2_/Downl...er.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    137s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-05-2024 22:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_2_/DownloadManager.exe

  • Size

    1.3MB

  • MD5

    31199b186530877b8a853119ceaf39ac

  • SHA1

    fdb4db880edb74e718c913d477316330f1341b9b

  • SHA256

    33ab2810cab812621f8e8bf1d30e49a41570af00693db2bfabff69c6d242bd01

  • SHA512

    7d5bb60198e03fc1c136a64a1721792805effd66aea593ea64a74b63e3cfa101a96508676abf64a3aa0a53b8e134f7a9da8e80c0def3eac3f5c745acd80b2a02

  • SSDEEP

    24576:N6f5P/g1xtwthdLc+eqi4c+nEHphwxo1ZAFi:k5UEXFe41Yixo7

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$_2_\DownloadManager.exe
    "C:\Users\Admin\AppData\Local\Temp\$_2_\DownloadManager.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious use of SetWindowsHookEx
    PID:3700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3700-0-0x00007FFF28175000-0x00007FFF28176000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-1-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-10-0x000000001BEA0000-0x000000001BEE8000-memory.dmp

    Filesize

    288KB

    Download

  • memory/3700-13-0x000000001CC10000-0x000000001D0DE000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/3700-14-0x000000001D0E0000-0x000000001D17C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3700-15-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-16-0x000000001B970000-0x000000001B978000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3700-17-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-18-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-19-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-21-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3700-22-0x0000000020FB0000-0x0000000021756000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3700-23-0x00007FFF28175000-0x00007FFF28176000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-24-0x00007FFF27EC0000-0x00007FFF28861000-memory.dmp

    Filesize

    9.6MB

    Download