Overview

overview

7

Static

static

3

97577a3f1c...18.exe

windows7-x64

7

97577a3f1c...18.exe

windows10-2004-x64

7

$APPDATA/P...ud.exe

windows7-x64

7

$APPDATA/P...ud.exe

windows10-2004-x64

7

$PLUGINSDI...ae.dll

windows7-x64

3

$PLUGINSDI...ae.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMPfolde...ro.exe

windows7-x64

7

$TEMPfolde...ro.exe

windows10-2004-x64

7

$TEMPfolde...l3.dll

windows7-x64

1

$TEMPfolde...l3.dll

windows10-2004-x64

1

$TEMPfolde...r4.dll

windows7-x64

1

$TEMPfolde...r4.dll

windows10-2004-x64

3

$TEMPfolde...c4.dll

windows7-x64

3

$TEMPfolde...c4.dll

windows10-2004-x64

3

$TEMPfolde...s4.dll

windows7-x64

3

$TEMPfolde...s4.dll

windows10-2004-x64

3

$TEMPfolde...s3.dll

windows7-x64

1

$TEMPfolde...s3.dll

windows10-2004-x64

3

$TEMPfolde...bi.dll

windows7-x64

3

$TEMPfolde...bi.dll

windows10-2004-x64

3

$TEMPfolde...m3.dll

windows7-x64

1

$TEMPfolde...m3.dll

windows10-2004-x64

1

$TEMPfolde...l3.dll

windows7-x64

1

$TEMPfolde...l3.dll

windows10-2004-x64

3

$TEMPfolde...e3.dll

windows7-x64

1

$TEMPfolde...e3.dll

windows10-2004-x64

3

$TEMPfolde...n3.dll

windows7-x64

1

$TEMPfolde...n3.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    05-06-2024 06:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/PiittePol/$APPDATA/PiittePol/Fawbud.exe

  • Size

    122KB

  • MD5

    bc85fdd52ab717b7b1c26b08e37d2d8e

  • SHA1

    074655f68be58b8c749e88783a3d23cb047e5259

  • SHA256

    fd46b2b4c99710d160699e4c9655473a6ee0753da09daf6a963db64e0cff1cc2

  • SHA512

    20f4db629f4d0ee887b2e152cf07d49b0f2ed0e3042f4bb5e19b873d174ccabee6cdc8ba0af59b0c6f8fe74216de599babb00805e1d6183b6831e78397408ee8

  • SSDEEP

    3072:0xm+wnEbRU3rACSUBOtdPJ+etOS+MJW9EPh375zoY:MtqmS0nKKr1oY

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$APPDATA\PiittePol\$APPDATA\PiittePol\Fawbud.exe
    "C:\Users\Admin\AppData\Local\Temp\$APPDATA\PiittePol\$APPDATA\PiittePol\Fawbud.exe"
    1⤵
    • Loads dropped DLL
    PID:2260
  • C:\Users\Admin\AppData\Local\Temp\$APPDATA\PiittePol\$APPDATA\PiittePol\Fawbud.exe
    "C:\Users\Admin\AppData\Local\Temp\$APPDATA\PiittePol\$APPDATA\PiittePol\Fawbud.exe" -cms
    1⤵
    • Loads dropped DLL
    PID:1832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\$APPDATA\PiittePol\$APPDATA\PiittePol\Eeiuwyn.din
    Filesize

    169KB

    MD5

    a7cbb4fa9913693c90bfc15d1d3c5dd4

    SHA1

    f7fa50fd2e4a180b89a2e2c01ed9fb78f80af94e

    SHA256

    98be1238fdc651d8f5d72f7bc8c440397bfe3f989fc59bc49c50b10dc2e23d59

    SHA512

    0facf393c1998a5bd3e891cb06f34b37132927a67af85bad7c384f6af3b2afa93e674b710fa6264d41a6ce844314bafe72426500a5987c9bc0b8e4a82eaa15cb

    Download Submit