Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/06/2024, 07:36

General

  • Target

    b7f42f3b81e0de55c6924877da78ef13ad63e018b0a5bc520312acfa65ac6f3e.exe

  • Size

    48KB

  • MD5

    da80a654b45a3d555a358906045df8da

  • SHA1

    08572a8c7bab8173f402f6c775a547424e3798b7

  • SHA256

    b7f42f3b81e0de55c6924877da78ef13ad63e018b0a5bc520312acfa65ac6f3e

  • SHA512

    6ee3bc889b3851ef2ec9aca5a6bb2a71e73fb8db80d9630a2f6f7ff3f171b1b5547595d570dd481f1416ebe7ce298d1c1c77188074ae496c3be49550ae942c56

  • SSDEEP

    768:ftchUPdem8NO6vKAESnLaL7F2STsFHSLCQRAJ5S5+HVybXHA2Ic:3dON1LlaL52/Fy+NDS5+kZz

Score
9/10

Malware Config

Signatures

  • Detects executables packed with Dotfuscator (1 IoC)
  • Modifies system certificate store (2 TTPs, 3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\b7f42f3b81e0de55c6924877da78ef13ad63e018b0a5bc520312acfa65ac6f3e.exe
    "C:\Users\Admin\AppData\Local\Temp\b7f42f3b81e0de55c6924877da78ef13ad63e018b0a5bc520312acfa65ac6f3e.exe"
    • Modifies system certificate store
    PID:2448

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2448-0-0x00007FF82EDB5000-0x00007FF82EDB6000-memory.dmp

    Filesize

    4KB

  • memory/2448-1-0x00007FF82EB00000-0x00007FF82F4A1000-memory.dmp

    Filesize

    9.6MB

  • memory/2448-7-0x000000001DDA0000-0x000000001DDAE000-memory.dmp

    Filesize

    56KB

  • memory/2448-9-0x00007FF82EB00000-0x00007FF82F4A1000-memory.dmp

    Filesize

    9.6MB