Overview

overview

9

Static

static

7

2b3aa9f8d9...84.exe

windows7-x64

4

2b3aa9f8d9...84.exe

windows10-2004-x64

4

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

DRCom.dll

windows7-x64

9

DRCom.dll

windows10-2004-x64

9

Qt5Core.dll

windows7-x64

1

Qt5Core.dll

windows10-2004-x64

3

Qt5Gui.dll

windows7-x64

1

Qt5Gui.dll

windows10-2004-x64

1

Qt5Network.dll

windows7-x64

3

Qt5Network.dll

windows10-2004-x64

3

Qt5PrintSupport.dll

windows7-x64

3

Qt5PrintSupport.dll

windows10-2004-x64

3

Qt5Svg.dll

windows7-x64

3

Qt5Svg.dll

windows10-2004-x64

3

Qt5WebKit.dll

windows7-x64

3

Qt5WebKit.dll

windows10-2004-x64

3

Qt5WebKitWidgets.dll

windows7-x64

3

Qt5WebKitWidgets.dll

windows10-2004-x64

3

Qt5Widgets.dll

windows7-x64

3

Qt5Widgets.dll

windows10-2004-x64

3

Qt5WinExtras.dll

windows7-x64

3

Qt5WinExtras.dll

windows10-2004-x64

3

Qt5Xml.dll

windows7-x64

3

Qt5Xml.dll

windows10-2004-x64

3

iconengine...on.dll

windows7-x64

1

iconengine...on.dll

windows10-2004-x64

1

icudt57.dll

windows7-x64

1

icudt57.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    107s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 01:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b3aa9f8d949be0919837b8f00c79700c0db437a6a8f042fcff2ec4b2c03c584.exe

  • Size

    43.1MB

  • MD5

    c75b5515952ea615219e1991c4592236

  • SHA1

    2ade0a6c621b36f727e461059c3cdf2126d4bfca

  • SHA256

    2b3aa9f8d949be0919837b8f00c79700c0db437a6a8f042fcff2ec4b2c03c584

  • SHA512

    65686328dc3ccec012871be9a1dcdc0aee0b0337ddf2ceeb689c4427a7a626091153a296a24ff4108dcca4e6247c2505e9375057172c56584f75dc82de4acb61

  • SSDEEP

    786432:fV/UMe6yXkT3cCJ8FI5G4FtOOVPILJ8G+WwwlavmeeOEcI0wP0XECxgejlot:fVsMgXB2wpO1ILCTwlavmdOTLUCxLot

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b3aa9f8d949be0919837b8f00c79700c0db437a6a8f042fcff2ec4b2c03c584.exe
    "C:\Users\Admin\AppData\Local\Temp\2b3aa9f8d949be0919837b8f00c79700c0db437a6a8f042fcff2ec4b2c03c584.exe"
    1⤵
    • Loads dropped DLL
    PID:548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsx40E2.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    5f35212d7e90ee622b10be39b09bd270

    SHA1

    c4bc9593902adf6daaef37e456dc6100d50d0925

    SHA256

    31944b93e44301974d9c6f810d2da792e34a53dcacd619a08cb0385ac59e513d

    SHA512

    7514810367f56d994c6d5703b56ac16124fab5dfdcfbe337d4413274c1ff9037a2ee623e49ab2fb6227412ab29fcc49a3ada1391910d44c2b5de0adeb3e7c2f0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx40E2.tmp\System.dll
    Filesize

    11KB

    MD5

    fccff8cb7a1067e23fd2e2b63971a8e1

    SHA1

    30e2a9e137c1223a78a0f7b0bf96a1c361976d91

    SHA256

    6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e

    SHA512

    f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsx40E2.tmp\ioSpecial.ini
    Filesize

    607B

    MD5

    6a39807a6c7ab044f85cbe5c015246f8

    SHA1

    4be1e8a475e8536f8ed4ac50d6b87c602242a6b3

    SHA256

    d93bbc93f5fb26b723c282680f926dd4097b986395e5624e9aa29f3c6608e108

    SHA512

    009bed32fc689905c5f689e63bd6995b14fea7987b971bd48defc73ee96758c2ab2c63394b2bdedc1608a6ea8a195f589388b10cdad044cb102ebbfdca6c9a3f

    Download Submit