Overview

overview

7

Static

static

3

3be37af297...49.exe

windows7-x64

7

3be37af297...49.exe

windows10-2004-x64

7

chrome/con...enu.js

windows7-x64

3

chrome/con...enu.js

windows10-2004-x64

3

chrome/con...ure.js

windows7-x64

3

chrome/con...ure.js

windows10-2004-x64

3

chrome/con...eAs.js

windows7-x64

3

chrome/con...eAs.js

windows10-2004-x64

3

components...on.dll

windows7-x64

1

components...on.dll

windows10-2004-x64

1

defaults/p...enu.js

windows7-x64

3

defaults/p...enu.js

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ts.exe

windows7-x64

1

$PLUGINSDI...ts.exe

windows10-2004-x64

1

$PLUGINSDI...32.exe

windows7-x64

1

$PLUGINSDI...32.exe

windows10-2004-x64

1

$PLUGINSDI...ed.exe

windows7-x64

1

$PLUGINSDI...ed.exe

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

chrome/con...enu.js

windows7-x64

3

chrome/con...enu.js

windows10-2004-x64

3

chrome/con...ure.js

windows7-x64

3

chrome/con...ure.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 01:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449.exe

  • Size

    6.5MB

  • MD5

    2b82b5601d49184917fb44181c63f594

  • SHA1

    0a52dd49e721a5fe8c86a034c94a6348f1de952a

  • SHA256

    3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449

  • SHA512

    24818cc1af978c7bb967a39210b544e565a7be5aaa7350793317a850ce4ed212828ae8a8c2482e1edf782d6d571e2f4117ceff93a93c9c12262832f9231ebbf8

  • SSDEEP

    196608:k3Q9SA7QYtLXMnB4lT2MqJctbVNtCxZeSUgj:k3Q9SA8wO4lTYJc9VNtn2j

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449.exe
    "C:\Users\Admin\AppData\Local\Temp\3be37af297b190efb8db29422fb9f74e329db481d55065731a669834daa8a449.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsd10B5.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    82c83e6e2d08585d71bd47c5571274a4

    SHA1

    61ee2d534fd34db69c28299eaf41ba91ecd099c6

    SHA256

    7c6f2d56df7bff595cc1b8c1e2c1b632a9eebf316e97e379a09561ef73ebbed5

    SHA512

    7451f0acf1a65159c16378b51c8d2e5a34bdf4261a78b3a1ef068fadc8c889f9c96cf9d5ded2c2235e1035b17094261cf8f627e0613d7a925782ae679c6ea973

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd10B5.tmp\BcNsisHelper.dll
    Filesize

    760KB

    MD5

    e0046b158c4a1c1a6970a64c5e4d9ea4

    SHA1

    3ce0e866dcbcf30d4e787423c4235f09a6463a24

    SHA256

    8cce6e8ece1881744e4474f03c2764f8058bb2718f20b3dfad8fb6cbd668f12d

    SHA512

    716f63be8f238574d47ca0a91a78d8c5708537c90be1fce385c8fb754fd6fe33e91fe0ac7b0ef72fd3b7c6b11d310b3ac642a0351b4392f363c47e6b3ec6eff3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd10B5.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    786110d3394edf4bb5c14e3e9a49f9e6

    SHA1

    4adf64a5999a1a41870fedefba22f67840f36f3a

    SHA256

    3ccb4385cd22b5c69bc2583e181da4085477906c193f04eb5a400801e00dbcd5

    SHA512

    e85e49b492a04188c46c90fef6ba5b177f85c670848f902748ec1540839ffb2f5d88563c14026328dd2100a48979ff8e67e7af1eee70fea0eb477c78db4d9524

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd10B5.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    bb3707e7614a444b799d3842bf34b31b

    SHA1

    e4b75748e417b8a7be3a199150f4338f9d883cca

    SHA256

    098a384cb4c14b9639db4f4f113426d2a91d170a2affca3e6ecbe57b18d86c38

    SHA512

    728e7d2a7a555228f24f04829099e5f266f8e3b2f91bc44181c0d08425de158d4c1d61a25c1914bdf0ade43377462169a23b311f7cd110a1e4a07bc781ff25e4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd10B5.tmp\System.dll
    Filesize

    11KB

    MD5

    301a9c8739ed3ed955a1bdc472d26f32

    SHA1

    a830ab9ae6e8d046b7ab2611bea7a0a681f29a43

    SHA256

    6ec9fde89f067b1807325b05089c3ae4822ce7640d78e6f32dbe52f582de1d92

    SHA512

    41d88489ecb5ec64191493a1ed2ed7095678955d9fa72cccea2ae76dd794e62e7b5bd3aa2c313fb4bdf41c2f89f29e4cafe43d564ecad80fce1bf0a240b1e094

    Download Submit

  • memory/1028-29-0x0000000002CA0000-0x0000000002D65000-memory.dmp

    Filesize

    788KB

    Download