Analysis

  • max time kernel
    149s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/06/2024, 06:40

General

  • Target

    d2f37fe21b9a09efa0214f9e1732ff2ebf7458b3fd20d55447eb606a1eaa38ae.exe

  • Size

    2.7MB

  • MD5

    e7a2f6f9d985cdb90775972165ae83ca

  • SHA1

    b152d2a26f71d73ffabaffef45d3378a68d7d7fb

  • SHA256

    d2f37fe21b9a09efa0214f9e1732ff2ebf7458b3fd20d55447eb606a1eaa38ae

  • SHA512

    bcb45b9ef131b604d9199d640e74b34c915bcadf67616423cdcf2e7ee5c28c9f55fed738ae8f7ecc24028613eedcaa64be478a9a29814adb2d10ba0cf0cb4e51

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBX9w4Sx:+R0pI/IQlUoMPdmpSpH4

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d2f37fe21b9a09efa0214f9e1732ff2ebf7458b3fd20d55447eb606a1eaa38ae.exe
    "C:\Users\Admin\AppData\Local\Temp\d2f37fe21b9a09efa0214f9e1732ff2ebf7458b3fd20d55447eb606a1eaa38ae.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:32
    • C:\Adobe7S\xoptisys.exe
      C:\Adobe7S\xoptisys.exe
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:4380

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Adobe7S\xoptisys.exe

          Filesize

          2.7MB

          MD5

          c9a5057e272ab7d0a8955ea7f9e834b1

          SHA1

          6ac3caea6144cfbe924a91abd2017da1822844fd

          SHA256

          f75af528abd4382f743bd151d57bdaaa21cd3111d389d17875743627b8a90056

          SHA512

          23e5154bcec5327eb1d70bbb6e2b8ee22c7dc24504a4122557e80e9a92298c953075ea2804038457474d9a20404f3cb320ba9a24936e3e8981522fbba1798d8e

        • C:\Mint4M\optiasys.exe

          Filesize

          2.7MB

          MD5

          958b4246afb561b0807f795eb7dbdea2

          SHA1

          69a296a615595607bd74bcb345b2de10bd8bf08d

          SHA256

          25227679dc6908ef6dfc2b5b9f8990e61ebb30f7e0cfd0c4abf7cb2d3c7dc2fc

          SHA512

          72b760d485b1b95397ea69c056e2a43f5ecb1714b89cf8a3fd808e46da77899456c33b29d8a5c15e1825da152d26ad058ca79dcd3fefee332eca8ad312c6cd89

        • C:\Users\Admin\253086396416_10.0_Admin.ini

          Filesize

          204B

          MD5

          f150cdff816b6ca896f802872748c066

          SHA1

          eea7712748392e92ac58d7be83ffde6e043afbb0

          SHA256

          9641455dc1bcb26fb6e22ad78135c948e4ec304d194f4e370d93b5b17118d6cb

          SHA512

          98e1b1cf17ea534868c291b4bf6f2e00d9d9a7acca75345e782e03af2ddc55b3cde58e3bdc32ff4dc4263a38f179a12628d11a1ccd58996e4f891bb09654d759