Overview

overview

7

Static

static

3

DMarketBotSetup.exe

windows7-x64

7

DMarketBotSetup.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    108s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-05-2024 21:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DMarketBotSetup.exe

  • Size

    11.1MB

  • MD5

    ad3ff4f64452a89434be69825bc2b069

  • SHA1

    e03eaba0902079634478a4aa3d97a18f9f75b17b

  • SHA256

    6a84fc3e4cb0fa36f73848931304b5b6c37393f6e32aaf04b5e28e87cbe65fef

  • SHA512

    d5688b2bfb0d88336f9897c2af6d9615b461c5d2312734c9ecf38acfdf4673925aa9b9a3955b9075e1097d22871705ea4b763b997634d459aea90889490cb642

  • SSDEEP

    196608:89t+MxMjM7jxVHWJMt9tRlV4khsV8dVrQVxAZyB1VHfsgZTowF/Aqc:898MxMjM7jrxskCa/OAkUwFY1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DMarketBotSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\DMarketBotSetup.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    PID:4064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\IF{E0F85F5F-8A27-4A91-A107-869325F5BF44}\Bahasa Indonesia.ifl
    Filesize

    3KB

    MD5

    8484a22b2e209ea8e6f8ebd02727f58e

    SHA1

    d007e18d99fd621d3891fd5dd7216a6ecb1a17c4

    SHA256

    ff9dd57dd9f2427895b60626692f8291582d150341fd063faf8dbc23586b5aa3

    SHA512

    efe2fdebdc656929fd8d64c938b978834d8863e2962f59aa358b71daa64c2bb8f25b2f27793875616c178a405f2736953a232b3ad12724d744aed9ff8c041d73

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\IF{E0F85F5F-8A27-4A91-A107-869325F5BF44}\licence.rtf
    Filesize

    231B

    MD5

    765fd7db5e1d7545229b0524fb162d79

    SHA1

    7e53f9c4a3cbd0ccfdc7b9482f76ea60db485362

    SHA256

    ce243197051e20f932a455ee908a5348b69eb157a989fbfaa550d1c213481e76

    SHA512

    651a89cd22e7ae8782f33c34d89210cf210e254c7502485460aac893b7629b4da0f8e534f04e147a42ed4b37e01decd0ec872d0b389565d6292b14391be04390

    Download Submit