ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24/05/2024, 01:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0.exe
Size

49.1MB
MD5

4e14611a07ab337ac271117a19c3181e
SHA1

b1e420c460b8dd3d8fbcd5e1f0a14da833d6c05e
SHA256

ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0
SHA512

6dfeafc0e260bd1d081ac6a3422f2c0d35d88c173391acab097eb672fddb5ee1b8366aee713c6dacea50b6f7714a4158142a729b981fffb1fe1efa2f26890110
SSDEEP

393216:LwZs2PWABsKi/W8Bs/md6sJZRbfnA3yt1lpoixFHOhioP3FFY0cOFqklODLpnZIl:MZGdO8BsOMsVICNpu1HKNLy70goW41

Score

9^/10

Malware Config

Signatures

Detects executables manipulated with Fody 1 IoCs

resource	yara_rule
behavioral1/memory/1936-1-0x0000000000A10000-0x0000000003B36000-memory.dmp	INDICATOR_EXE_Packed_Fody

Loads dropped DLL 1 IoCs

pid	Process
1936	ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0.exe

C:\Users\Admin\AppData\Local\Temp\ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0.exe
"C:\Users\Admin\AppData\Local\Temp\ca6e33cf72e210e9b8faaa354de8b2382fc5e2a163d9172802011f68983fccb0.exe"
1⤵
- Loads dropped DLL
PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\Costura\0356CB2390ED0D212B1CEB25ED194726\64\magick.native-q8-x64.dll

Filesize
22.1MB

MD5
6cac0019d5f953791e171e57ea8f4e7c

SHA1
3ee0ae90971a319bee12b9bbe6d7587b7c8f923b

SHA256
33d66978194cbf759e262a32b83f62e0e7185483824555998b3a9994d2e8b619

SHA512
7a0c5805ddef633e522ebb64772c62fb74f7bf35275ab3635ff3b6d0ba55c1cb5f6cb269b5a1abfa5da748ea82bcc71225f0bc6ef8b074bb8cbb0c450e8f5324

Download Submit
memory/1936-13-0x0000000020500000-0x000000002086C000-memory.dmp

Filesize
3.4MB

Download
memory/1936-15-0x0000000003CD0000-0x0000000003CE0000-memory.dmp

Filesize
64KB

Download
memory/1936-6-0x0000000000550000-0x0000000000564000-memory.dmp

Filesize
80KB

Download
memory/1936-7-0x0000000000670000-0x000000000068C000-memory.dmp

Filesize
112KB

Download
memory/1936-8-0x0000000000690000-0x000000000069A000-memory.dmp

Filesize
40KB

Download
memory/1936-9-0x00000000009B0000-0x00000000009BA000-memory.dmp

Filesize
40KB

Download
memory/1936-10-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download
memory/1936-11-0x00000000009C0000-0x00000000009E0000-memory.dmp

Filesize
128KB

Download
memory/1936-12-0x00000000009E0000-0x00000000009FA000-memory.dmp

Filesize
104KB

Download
memory/1936-16-0x0000000003CF0000-0x0000000003CFA000-memory.dmp

Filesize
40KB

Download
memory/1936-1-0x0000000000A10000-0x0000000003B36000-memory.dmp

Filesize
49.1MB

Download
memory/1936-14-0x000000001EB10000-0x000000001EBFE000-memory.dmp

Filesize
952KB

Download
memory/1936-0-0x000007FEF5693000-0x000007FEF5694000-memory.dmp

Filesize
4KB

Download
memory/1936-17-0x0000000005330000-0x0000000005372000-memory.dmp

Filesize
264KB

Download
memory/1936-18-0x0000000003CE0000-0x0000000003CF2000-memory.dmp

Filesize
72KB

Download
memory/1936-19-0x0000000003D00000-0x0000000003D0E000-memory.dmp

Filesize
56KB

Download
memory/1936-20-0x0000000005370000-0x0000000005398000-memory.dmp

Filesize
160KB

Download
memory/1936-21-0x0000000005420000-0x000000000542A000-memory.dmp

Filesize
40KB

Download
memory/1936-22-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download
memory/1936-23-0x000007FEF5693000-0x000007FEF5694000-memory.dmp

Filesize
4KB

Download
memory/1936-24-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download
memory/1936-25-0x000007FEF5690000-0x000007FEF607C000-memory.dmp

Filesize
9.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads