Overview

overview

8

Static

static

1

vJoySetup.exe

windows7-x64

8

vJoySetup.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/05/2024, 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vJoySetup.exe

  • Size

    11.0MB

  • MD5

    2ab668a12ebdea3bd8fa1d5a2ca7cb45

  • SHA1

    535822f96003b9b68f155a1fbdc226de93d1d1af

  • SHA256

    f103ced4e7ff7ccb49c8415a542c56768ed4da4fea252b8f4ffdac343074654a

  • SHA512

    3d2b6408595f60dd2fbe85e25f1f60caeff578d3a780b5e90dd63165b01caf42b01179285d4091ab4a8c8e6d66f685cf8a6b63160aa3f3ccca392c08a1a1ddcb

  • SSDEEP

    196608:6zQcNZB4im0X9RX5iII48y2h4cemVp8fftB9CfuhVfE0i7gS/091:tZXcjX1I4tMJemA3tiGhVs17ji1

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\vJoySetup.exe
    "C:\Users\Admin\AppData\Local\Temp\vJoySetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4976
    • C:\Users\Admin\AppData\Local\Temp\is-7D4L7.tmp\vJoySetup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-7D4L7.tmp\vJoySetup.tmp" /SL5="$501D0,10728610,983552,C:\Users\Admin\AppData\Local\Temp\vJoySetup.exe"
      2⤵
      • Executes dropped EXE
      PID:3456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-7D4L7.tmp\vJoySetup.tmp
    Filesize

    2.7MB

    MD5

    f8034ac234bf9638b31432e22fc2f53f

    SHA1

    85de4df5bfe596211d1a51bb51cf195f40b25c4a

    SHA256

    c7548189b1eefdc5bd0caeb5e43b9496e5a7cfb9578fbeca0f31dd099d6aa47a

    SHA512

    5eba6683d2bd6664e32e61e79be39d507a60859ae3eb621ad6e093cc5058aa69de1aa25b03771fc80de402598abedb4ac401a0a1d61197d244dbddce76add822

    Download Submit

  • memory/3456-6-0x0000000000400000-0x00000000006B9000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/3456-9-0x0000000000400000-0x00000000006B9000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4976-0-0x0000000000400000-0x00000000004FE000-memory.dmp

    Filesize

    1016KB

    Download

  • memory/4976-2-0x0000000000401000-0x00000000004A9000-memory.dmp

    Filesize

    672KB

    Download

  • memory/4976-8-0x0000000000400000-0x00000000004FE000-memory.dmp

    Filesize

    1016KB

    Download