Overview

overview

4

Static

static

1

8dcd7e448d...cc.exe

windows7-x64

4

8dcd7e448d...cc.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    159s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 01:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc.exe

  • Size

    149.5MB

  • MD5

    52b3ccb4effb1fcadd9b0721cc1b3ac7

  • SHA1

    2f9b0ea01ad301fab50981594a1ef8e427243f31

  • SHA256

    8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc

  • SHA512

    29543cd05f43b9b7aa1b882cdf8d1009e51f03bf572b13bbd2230d5a953aa7e9fd60b70056dd23da5ca69ae3bf70a7f6074ae5958750b94cb05b2f5596728e7c

  • SSDEEP

    786432:ERfxMUEGnonETVcKPq2gGcOCAdaO0s4BDLdS+DxzgTtLwSTRpf4P1wT1e8aim0Ef:EPMn0VzHcOgzNNdB8c0u

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 26 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc.exe
    "C:\Users\Admin\AppData\Local\Temp\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc.exe"
    1⤵
    • Loads dropped DLL
    PID:2144
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3756 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\GanttDemo.dll
      Filesize

      598KB

      MD5

      78b0579ffd2d4dcc60addb7a59d8af71

      SHA1

      d44317f319d95af290c172aabf1b347f9f70bb2b

      SHA256

      0aa07be09b180c0d77944f61ec296aaf163f31ab50aee8ae1003bd6e772ee2be

      SHA512

      3e90f39f6bbe78ecde3a66c5627294a293a1bc545bd3916bdf392fe5fd31e8d69e5f488e977de94a539bdd4b101f6cca2798c039b8fa5e41562ee73de1bc3d3f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\Microsoft.Win32.Primitives.dll
      Filesize

      25KB

      MD5

      e2af89f2c22e2a49b865d3923aec64c1

      SHA1

      54babd3316d7c0ac30f53fd7564874e02b0931a1

      SHA256

      ab35c625ea764801bf6230f84b675acbcce1eb2ba628348f00e23e6fc1ddaf4b

      SHA512

      af41c6d8a5621ea697d6beb8ac5ec156711045b10aca7e5a811cf2f287821806bfdd0a3753e934dc2f83df6ba90a3bdc65410cef8c0c0da7fa7d744cacc4e82b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\Microsoft.Win32.SystemEvents.dll
      Filesize

      85KB

      MD5

      8cad6425c27a6eae1426ecfbd57ac0a2

      SHA1

      10d6f3ba6dcf677785dd2c2b1ece9624edab92b1

      SHA256

      5be70207b69c0e0cc6d6e4522cf3ef4450a66760833db032a9e5570add6ba1bd

      SHA512

      682b7c2571a81312c4951855bbd0b651cc88a5227d8572348bc51b6ed6e53614175d4f4c0b1be20d73289de470d3d4ff7b2edc9f8326a736134519e068b127c9

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Collections.Immutable.dll
      Filesize

      650KB

      MD5

      20735cec347e1606f982bb71ab085de2

      SHA1

      e3bc64dc62ee1e151e3756da747163493052f1e5

      SHA256

      b2a2778c8e808c539506b4863b7e7306b6159eb88bc910e8850bc0bf754fed20

      SHA512

      40e0488cad9a300507e0f5b27cf98da7b6443a708470b16b6df0068515b20d4b2fe5c0e917140f9b650302478aa7157d87350c0d3bd2b426bbdfcd6b7118e9d5

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Collections.Specialized.dll
      Filesize

      93KB

      MD5

      f29205b9cb459c3b9ae5e73152f99c67

      SHA1

      f882d9364aeec78732a0d6504c69a4c7cb825f0b

      SHA256

      f9fed744bffbc46d053fa632650b80c14244d993d29b9caabf02e9a764a8e504

      SHA512

      6bee29329883ee01a2290c9b15c3e9e338918378588c4d435fa9fbe7f418eae6e9ca0b1d0ca7449dd0c9a8ecc8d4416539147eaa2b50c8223053c3b2082abc9f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Collections.dll
      Filesize

      258KB

      MD5

      5eb5343d9761aa4853a581bd657a158d

      SHA1

      d1a2ac9bb389507cdf4b653379d78d3aa8428ee0

      SHA256

      7257afc6773638dc19c23fa6fd6c0c48ed6676033466a7eead38075842a6ae71

      SHA512

      368d3a4ebc0a2880b2987b18b974baf715caffd088e242d79f25f7d31c9c8e3108e4cbfd287d8473ab503bea5c4a893d56462913663a13c4470323e2437a3a7b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.ComponentModel.EventBasedAsync.dll
      Filesize

      37KB

      MD5

      af60b51894b8dfacb142fec70a4b1090

      SHA1

      37d0310db0c85d34fd29f788234723bf6d4d0947

      SHA256

      882a65e2362bfe1d89bd137263a70f27ff16d6cfc85e490fcd910d5a1d5b6ffd

      SHA512

      9f786e713230c11accc4dc982fcf50ba5eed9ca6cdc8f5fc4419457186b5dab311cd7ef474f1be42cd6c3a32794c38644299c4df43953d3b5db84f30600e0e66

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.ComponentModel.Primitives.dll
      Filesize

      73KB

      MD5

      9e5466206f32d35a7ebc6918eca82ea7

      SHA1

      9f10da3667ef57b981109141c2cc48fc5e7cf074

      SHA256

      3a67549a4f43a9820822088064830c96ffdc76ca7d8177cacb4034ad75e9ac6f

      SHA512

      8807c64dc22fd639bf1118ea3c3fc501f257c5c6ab6dd511ec4843d48ea6279ab6b0f37d64d42aaaaf5d7724df32caa3458d1eee008f36753395455c89364d17

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.ComponentModel.TypeConverter.dll
      Filesize

      727KB

      MD5

      d99f8c728f7e3f25a1ef711f4e5b8ad7

      SHA1

      fdc7c72c25267e4128b971dcd81db0eb024a2564

      SHA256

      783d772a89d3a0ba4dcfbb5109eaf78bda9401e2e54aaa63322239a79708a0d5

      SHA512

      957aac4b58ab4f2e856c4435469cc17f3297831b7255720342ba55d8f56162229efb712b11d0ea76f135a720f4d7265e7632d9d19c92584ebb29ae464e5ceb4b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.ComponentModel.dll
      Filesize

      18KB

      MD5

      55e863b17a8d450468ddf86c070f8403

      SHA1

      362d519bb5acd2d7c1da9bef9abf346eb067be5f

      SHA256

      1bdbd18d5d50f8be7a1522479c4571e1d267dcc37a2a67f82677cf2bc07329f8

      SHA512

      144d0c6892d6aefba8762f87a1af95aad3eec0cb01af7457da6d06264721f736e5fb2e8667384265f651143ce3340a40381e6ce096917674875dc62a770c1e70

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Data.Common.dll
      Filesize

      2.8MB

      MD5

      1bc3ffcbdf29f22a2cd9bafac6d5d8ee

      SHA1

      6db71bb53edd9c97199fbdd827979d2b0f0ba312

      SHA256

      ff4bd18d1247c56a2f1fdb4eb016fc03c6c21d075b714bd6464980ca3fcb9856

      SHA512

      4a9077daca5239d93b81e9774b29de99c4b5555a13594a1e5c4001763ec35b3ed85950e984cdaac73f823f9f426e883cdb224852b0bc6f39e9095190500cadfb

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Diagnostics.StackTrace.dll
      Filesize

      35KB

      MD5

      889a191d54b17511e4e31b7815a4476b

      SHA1

      f17dc804b3ca6e177d224dea37e2c33f549594a6

      SHA256

      4053beb1b18d2962738629a4baec6619bd4c331bac11e84c2598c6964d739d39

      SHA512

      b93f038322e1a46a7324c9e5807a16a7db1c547bcb5213488722c15be2c129f1b54d0660b4cbe520ef7c754fd839b2b22c0b57e6861dcde7a7521d62864834e0

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Diagnostics.TraceSource.dll
      Filesize

      130KB

      MD5

      e6ec446f1e7624e16116744f6330cf46

      SHA1

      ad10881ba0ebfee050538a019ef43ee421978f70

      SHA256

      36a1e424aa922e6382b30b916f8f401323103d32fba900db7b79e1189d8257a5

      SHA512

      c1fcb792304b5558cbf42f83a72b69bb2efabb9b58e14d6c13e67afe59c705287f2e3596856c0def3b0e75e534bfe1a65d13a6953918637f523f87710c483838

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Drawing.Common.dll
      Filesize

      1018KB

      MD5

      c5bbca2df146a0e9149f930d8e9f5e6b

      SHA1

      3b9ddbf391dd1ab458b74a6a152b9597bd6ad581

      SHA256

      3cf8cecf24b3f3edb60c4d44b64d021458f5ef77d0976873c93d2a130196da78

      SHA512

      357d55d8ea3b11a8388b40bb77c712df71dba4cc443f2f1688edf8d5800601a341a947ad1977ab41408327330e3c1e2e355675fc452fa37c32be407ee0bf592e

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Drawing.Primitives.dll
      Filesize

      127KB

      MD5

      bc2c1f35273778f3075d30b61fb9cb10

      SHA1

      2c3ae6069aaba72bbcc3206e3028f493bb1d3bb2

      SHA256

      929d17fddca4428f4ac90584228ea4f5a86b925cc6f098bb3375bef71006ead1

      SHA512

      dc0acd93d9a517d2e57390ad5972aa130edb0e9ee0042f0cf489836a5404cfdc29e880d021c7fd0c8f17cb7f47febb9fa6cf211e29ecc82a3bc41c4838c60ef8

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Linq.dll
      Filesize

      525KB

      MD5

      f019a6ebc484fe7b6ff02b4e3a596f38

      SHA1

      f8ffaeb60b9f42f6b24329243d41549d2163fc01

      SHA256

      3b9599085d13637d6378b44d1bf77df8dd9efc6e201b790e3e263a042e8b4f23

      SHA512

      32968e4dcf2f774ae6c0a10a31a13f23ec9c25e06aadfa9595ef48d9c68a6c71b109a3adcabf68125af95b97afe10a7265910b423ca0ac8861077bc4567113a6

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Memory.dll
      Filesize

      169KB

      MD5

      d32d4b7fdd80db689314e6eda5eedb69

      SHA1

      03718bea03fb0247cbc5e41a2761b13bb40610cd

      SHA256

      d65458297aa9a0a509ecb87261785b21c981ba61b2ae2a57a6b60c22566d7eb1

      SHA512

      bb6eec0ebd9c51f9b584bb72f205c73395f0f459ad66b64b8d585d23d37c98e443c98f0a2eaa13c01a3bb0aae8d658b4108e3a8c651add5c7305241356138ac2

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.ObjectModel.dll
      Filesize

      89KB

      MD5

      7e8c737f75e144b3d81add9c2b198b50

      SHA1

      800a6eedd687553b98c0231e187c2e855b5cb547

      SHA256

      20bc6a83a037924377f140679d926631cc0514646cb02d4f7c7ed0b43a8fc900

      SHA512

      d04bb8b69f13a9f25f5bc546a33ba55791c9391798aca8169e39709803547d02c46c41616b2f43ea8bdabbc9303b6703cfc0319a1dfee61a38b0f518e6fd93fa

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Private.CoreLib.dll
      Filesize

      10.1MB

      MD5

      1bab6cbaaa456f8ce40965d06cfc08ef

      SHA1

      1324579cbd1c266c4358e9ef9bf42eedc26f2069

      SHA256

      a30dc6db743fdef01f4a5f5ddf96bf9bd8c98336c040b875e0ae79f364552f0f

      SHA512

      2d3d0858b38aef79926c0fb7edb2567268b10f189edeb2879934363e95af6cbde3f56d8dc585adb905b2d1bbf92deb63b771ffa313b4c19d4adf395944ac31bb

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Reflection.Metadata.dll
      Filesize

      1.1MB

      MD5

      51d02bc1972a7ed49d27f947b4ddb20e

      SHA1

      08bdd02bc562c81c294d2bcd9e59a954c02aa84f

      SHA256

      969385b7f18665e89fd96b44edc00bc14ae84b3782adb46d1be507ff5d4278f8

      SHA512

      8d03b8053284532fbd7e85d4aa5ee1b4e17b3183d16990812b180f6466a20a32756c2e763909a07994c57ef9c8f4988885e5e1f2f74197bef0251b5af8977acc

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Resources.Extensions.dll
      Filesize

      118KB

      MD5

      1f26ddbae520272d57412e6db6416c02

      SHA1

      f6d34a7585eaf27e9f910bc00ada088ad55d59d5

      SHA256

      2b3c39bec1492a1e1561e60d9d67ab757cb6ba893d92240c34ffe4fec6fbe142

      SHA512

      19c9127df86c04572c4cb362a92ecbeb22dfdf1a1007900f487435df3fca483ba1139a038253d249e75059c81465f83a46a99875fce27829659a214ead38fa28

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Runtime.InteropServices.dll
      Filesize

      50KB

      MD5

      df738be4199ef972cae19224aa7b3e89

      SHA1

      58a1c254293838d47008c3feea76a4672102da39

      SHA256

      582740c39a8eb07dfcd118abbf8ff1aa5172d96d5344067c3779074392c7c298

      SHA512

      92a08cb483bf8f80a455808396e18d4d02e9a2ea5b56209e7e4916004fc706ffcabfaa45742fd0da660e6d1afb895e130952d03caed905bf0938b90157dba76b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Threading.dll
      Filesize

      78KB

      MD5

      34b8f5315f14ebf46ee6fa1ded51b5df

      SHA1

      827729259079b22ca6c56dd95c82b2a64f092342

      SHA256

      1867b76a43c0a6e1707e7c13b928a30add59d00dd95af8c447be4fdc16da2458

      SHA512

      e8ce59045a922c72b0308a47c2459dba8def03ee94f5e10c5fabd830dd8c5c0dc157cb3d576f66159c91f4d7194551f0cc901532b61692c0306f244517db1540

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Windows.Forms.Primitives.dll
      Filesize

      773KB

      MD5

      1ba5be23053d5e0107faf7c2de05dc33

      SHA1

      b908d392354a767f80793412a259e002b4a9a4ea

      SHA256

      2e1f2764f1bbced16382f8fe5db8cf161be7bc309fd8a7d5f500764f65e8cb96

      SHA512

      b0a6fd017c1396daa611fdfcad687efb05d351448fc3149f9c9b4f02d920474742a145278f1866981ffb78cd931671200346480eea4bb258e9b867c63c5149e6

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\8dcd7e448d24b4b2e601c9dcf0cd3a8eaa6e3a79455512e7f1b90ccb94d211cc\k6Jwbisj2PfujKVmq4owOjZpfvZSpYE=\System.Windows.Forms.dll
      Filesize

      12.7MB

      MD5

      eb3c3c8c24376e0bb158558f888d8dd0

      SHA1

      dac0ee5facc988bd69d6afeadabdf9d796dee50a

      SHA256

      199c29ced174e8f4ebbf192472b5e3ff3536d9b7ff90899669fcd3c1be1a3119

      SHA512

      6555253a8924fdafdf7da45a8b09ea33520fe8b8477b25ca8ca6e86b018f35c12583283a7150df944b0c4a3feebc4cb14747502540ed77706d5df24249ca60d0

      Download Submit

    • memory/2144-449-0x00007FF7828BE000-0x00007FF7828BF000-memory.dmp

      Filesize

      4KB

      Download