dea3dcae56acabada707a1c3ee0422fefa1f280aa3ca2c28c52714e16db060d2

Resubmissions

09-06-2024 02:15

240609-cpq8fsca8w 7

09-06-2024 02:14

240609-cn9cmscg37 3

Analysis

max time kernel
120s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
09-06-2024 02:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SuperF4-1.4.exe
Size

137KB
MD5

913e0bdc0124f415b1e99bc7c1a2e31b
SHA1

00a443e70039641d1ea3dc92c306c4e2c75733ad
SHA256

dea3dcae56acabada707a1c3ee0422fefa1f280aa3ca2c28c52714e16db060d2
SHA512

ba0257002023ae1b575356000cfcb96dafa5ca3bdea489872218508987397e62162862ef0ecd9713d579452a0a56d2988e5b9efd2566fc54f60ff94c14e5ede8
SSDEEP

3072:PE52Bcj8B3ebhwxv5L1A5mKmK+xN45nP4gMrp+RsNSA7eFXIjc34k:zBcY+8MHT+NCYMsNJ7eyjc34k

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped DLL 3 IoCs

pid	Process
2908	SuperF4-1.4.exe
2908	SuperF4-1.4.exe
2908	SuperF4-1.4.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\SuperF4-1.4.exe
"C:\Users\Admin\AppData\Local\Temp\SuperF4-1.4.exe"
1⤵
- Loads dropped DLL
PID:2908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsk2DD8.tmp\System.dll

Filesize
23KB

MD5
8643641707ff1e4a3e1dfda207b2db72

SHA1
f6d766caa9cafa533a04dd00e34741d276325e13

SHA256
d1b94797529c414b9d058c17dbd10c989eef59b1fa14eea7f61790d7cfa7fd25

SHA512
cc8e07395419027914a6d4b3842ac7d4f14e3ec8be319bfe5c81f70bcf757f8c35f0aaeb985c240b6ecc71fc3e71b9f697ccda6e71f84ac4930adf5eac801181

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsk2DD8.tmp\nsDialogs.dll

Filesize
11KB

MD5
79a0bde19e949a8d90df271ca6e79cd2

SHA1
946ad18a59c57a11356dd9841bec29903247bb98

SHA256
8353f495064aaf30b32b02f5d935c21f86758f5a99d8ee5e8bf8077b907fad90

SHA512
2a65a48f5dd453723146babca8d047e112ab023a589c57fcf5441962f2846a262c2ad25a2985dba4f2246cdc21d973cbf5e426d4b75dd49a083635400f908a3e

Download Submit
memory/2908-11-0x000000006E5C0000-0x000000006E5CD000-memory.dmp

Filesize
52KB

Download
memory/2908-10-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2908-36-0x000000006EB40000-0x000000006EB4A000-memory.dmp

Filesize
40KB

Download
memory/2908-35-0x000000006E5C0000-0x000000006E5CD000-memory.dmp

Filesize
52KB

Download
memory/2908-34-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download