Overview

overview

7

Static

static

7

RadminView...52.dll

windows7-x64

1

RadminView...52.dll

windows10-2004-x64

1

RadminView...Cx.dll

windows7-x64

1

RadminView...Cx.dll

windows10-2004-x64

1

RadminView...in.exe

windows7-x64

3

RadminView...in.exe

windows10-2004-x64

3

RadminView...Dl.dll

windows7-x64

1

RadminView...Dl.dll

windows10-2004-x64

1

RadminView...mt.dll

windows7-x64

1

RadminView...mt.dll

windows10-2004-x64

3

RadminView...dk.dll

windows7-x64

1

RadminView...dk.dll

windows10-2004-x64

1

RadminView...ox.dll

windows7-x64

3

RadminView...ox.dll

windows10-2004-x64

3

RadminView...tx.dll

windows7-x64

1

RadminView...tx.dll

windows10-2004-x64

3

RadminView...ws.dll

windows7-x64

1

RadminView...ws.dll

windows10-2004-x64

1

RadminView...cx.dll

windows7-x64

1

RadminView...cx.dll

windows10-2004-x64

1

RadminView...sx.dll

windows7-x64

1

RadminView...sx.dll

windows10-2004-x64

3

RadminView...ex.dll

windows7-x64

1

RadminView...ex.dll

windows10-2004-x64

1

keymaker.exe

windows7-x64

7

keymaker.exe

windows10-2004-x64

7

rserv34cn.exe

windows7-x64

7

rserv34cn.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    290s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 12:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    keymaker.exe

  • Size

    402KB

  • MD5

    bac302ab497ac5431c02f1f08c018a25

  • SHA1

    7c0216d7a0a11f3f589d289a064cdd0de21dafd1

  • SHA256

    003d1c7137a2f8ce2fef504291622c11318f170819f9630b03efdb547704eac6

  • SHA512

    649312798207a139d565bc8b2a4810fee4ed007dadbc1b7d6938055be7e389364159028ddce0781fe92331f1845020090d96ebad0add71106a40c71bfa2dc7ab

  • SSDEEP

    12288:xWARSM5q24Ai9nNaymXaaafCAdmE9GHjDe15CdNyXJYNvDfQDe+:xWDM5pZkNcloFDGDudi0e+

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\keymaker.exe
    "C:\Users\Admin\AppData\Local\Temp\keymaker.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\bass.dll
    Filesize

    89KB

    MD5

    c8300c30ec04913e3037819f65c14f6b

    SHA1

    82a93b8682d0853da579dd85366ce9169bae3c21

    SHA256

    c4b2c8161fdcf266d1547f50c86aec6567e63c6b92f863e8477d79ddedf8b9ed

    SHA512

    c5e66dec58b815339434beb9df6ddeed7e41495dc6a3f5af1b92d53bf034c0671e8f4ea198c94fa983370a8ecd493b83456e3c495778c7288b75ef80b16f5568

    Download Submit

  • memory/2228-30-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-34-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-5-0x0000000000400000-0x0000000000499000-memory.dmp

    Filesize

    612KB

    Download

  • memory/2228-6-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-8-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-10-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-12-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-14-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-16-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-18-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-20-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-22-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-24-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-26-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-28-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-0-0x0000000000400000-0x0000000000499000-memory.dmp

    Filesize

    612KB

    Download

  • memory/2228-4-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-36-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-32-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-38-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-40-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-42-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-44-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-46-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-48-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-50-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-52-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-54-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-56-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-58-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-60-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-62-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download

  • memory/2228-64-0x0000000011000000-0x0000000011055000-memory.dmp

    Filesize

    340KB

    Download