Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16-05-2024 00:55

General

  • Target

    9399024a407b940e462170e3610211919abb44f5b075f8db1ddba46a3e0eae71.exe

  • Size

    137KB

  • MD5

    1e2982b931241693f424227d9f8f2a22

  • SHA1

    931215b5ba1ae459851e333b2c334d6530749db1

  • SHA256

    9399024a407b940e462170e3610211919abb44f5b075f8db1ddba46a3e0eae71

  • SHA512

    f80dec4f7d81e3f49ad736bd5b989fe9ef0d86245e6df56ece5ab63d0879fc975b62c62e6d362aaa384c4d9ddbef687961889ea1bb4cc64d1cc209342dd489bf

  • SSDEEP

    3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6DsB:7907wTr9mea+i6WKQJ

Score
9/10

Malware Config

Signatures

  • Detects executables packed with ASPack 7 IoCs
  • Modifies AppInit DLL entries 2 TTPs
  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9399024a407b940e462170e3610211919abb44f5b075f8db1ddba46a3e0eae71.exe
    "C:\Users\Admin\AppData\Local\Temp\9399024a407b940e462170e3610211919abb44f5b075f8db1ddba46a3e0eae71.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2168
  • C:\PROGRA~3\Mozilla\iodncyc.exe
    C:\PROGRA~3\Mozilla\iodncyc.exe -szcyzql
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:2636

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\ProgramData\Mozilla\iodncyc.exe

    Filesize

    137KB

    MD5

    66cae745ca1a9a48fae3b8c3de5e1c11

    SHA1

    88c1ae678462f54fbc4c3068714e4e94b41c8d5f

    SHA256

    af5cb06ef4d427a2a62b486c54c7a05fb5577fa21e0145640f4eccfd54850b9d

    SHA512

    8141e16b738d6c0974bb67a3085b4fdcb02bf013c79d0bf8d7d5f910392480516b4e6ac81cb4ee7933f6d9755285d03c2fa49094cc83f8ceff1617fc95a2f604

  • memory/2168-0-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2168-1-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2168-2-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2168-4-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

  • memory/2168-3-0x0000000001F60000-0x0000000001FBB000-memory.dmp

    Filesize

    364KB

  • memory/2168-10-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

  • memory/2636-9-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2636-12-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2636-11-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2636-13-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

  • memory/2636-16-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB