Analysis
max time kernel: 140s
max time network: 141s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 10/06/2024, 21:54

Static task
static1: 1 signatures

Behavioral task
behavioral1
Sample: VirusShare_b790d39303d6dd72888356ccf29496d3.exe
Resource: win7-20240221-en
2 signatures, 150 seconds

Behavioral task
behavioral2
Sample: VirusShare_b790d39303d6dd72888356ccf29496d3.exe
Resource: win10v2004-20240508-en
1 signatures, 150 seconds

General
Target: VirusShare_b790d39303d6dd72888356ccf29496d3.exe
Size: 544KB
MD5: b790d39303d6dd72888356ccf29496d3
SHA1: ef18b90de15ba8b74be13394bb430e8b14930223
SHA256: b1110ac4176c82134ae226c742d7ab5b0649d9ad4e35464342abcc33d4cf0215
SHA512: 1cf0a2b73312d5a10245fd797b8ee381b68932cf912ac3219f642fdc124873e7a535cc190c0a526bdddf641cadbb3e7f4d19c81b45a4a7ab23a0e049a26fbeea
SSDEEP: 12288:BR4v+jMkvf42wrCPIOHoHKtXs4oDfN/yqQtwcpUre/vvdr:B++wk34LOHo5DfN/yqQie

Score: 7/10

Malware Config
Signatures
resource  yara_rule
behavioral1/memory/2280-0-0x0000000000400000-0x00000000004D8000-memory.dmp  upx
behavioral1/memory/2280-4-0x0000000000400000-0x00000000004D8000-memory.dmp  upx
behavioral1/memory/2280-7-0x0000000000400000-0x00000000004D8000-memory.dmp  upx
behavioral1/memory/2280-11-0x0000000000400000-0x00000000004D8000-memory.dmp  upx

Adds Run key to start application (2 TTPs, 1 IoCs)
description: Set value (str)
ioc: \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Windows\CurrentVersion\Run\AS2014 = "C:\\ProgramData\\x6gxRgDp\\x6gxRgDp.exe"
Process: VirusShare_b790d39303d6dd72888356ccf29496d3.exe