260687b1e1ee90adb739fa9e618be63ae531952ad3f955b8d6ce70c773cd5cf5

Submit
Reports

Overview

overview

Static

static

Virussign....41.exe

windows7-x64

Virussign....41.exe

windows10-2004-x64

Virussign....83.exe

windows7-x64

Virussign....83.exe

windows10-2004-x64

Virussign....0a.exe

windows7-x64

Virussign....0a.exe

windows10-2004-x64

Virussign....b9.exe

windows7-x64

Virussign....b9.exe

windows10-2004-x64

Virussign....35.exe

windows7-x64

Virussign....35.exe

windows10-2004-x64

Virussign....7d.exe

windows7-x64

Virussign....7d.exe

windows10-2004-x64

Virussign....f1.exe

windows7-x64

Virussign....f1.exe

windows10-2004-x64

Virussign....ad.exe

windows7-x64

Virussign....ad.exe

windows10-2004-x64

Virussign....9c.exe

windows7-x64

Virussign....9c.exe

windows10-2004-x64

Virussign....55.exe

windows7-x64

Virussign....55.exe

windows10-2004-x64

Virussign....c5.exe

windows7-x64

Virussign....c5.exe

windows10-2004-x64

$PLUGINSDI...de.dll

windows7-x64

$PLUGINSDI...de.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

$PLUGINSDI...gs.dll

windows7-x64

$PLUGINSDI...gs.dll

windows10-2004-x64

$SYSDIR/GPhotos.scr

windows7-x64

$SYSDIR/GPhotos.scr

windows10-2004-x64

$TEMP/Pica...sg.dll

windows7-x64

$TEMP/Pica...sg.dll

windows10-2004-x64

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
13-06-2024 02:42

Sharing

Copy URL

Twitter E-mail

Static task

static1

8 signatures

Behavioral task

behavioral1

Sample

Virussign.2024.06.08/virussign.com_001d2d017b5a7716053d3f1486270f41.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Virussign.2024.06.08/virussign.com_001d2d017b5a7716053d3f1486270f41.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Virussign.2024.06.08/virussign.com_00d73b2201d137dafcd073e6f90ed283.exe

Resource

win7-20240508-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Virussign.2024.06.08/virussign.com_00d73b2201d137dafcd073e6f90ed283.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

Virussign.2024.06.08/virussign.com_012d6250b2f03cc71381041c4eeeb50a.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Virussign.2024.06.08/virussign.com_012d6250b2f03cc71381041c4eeeb50a.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Virussign.2024.06.08/virussign.com_0253492c47e1aae5c1906a4b099e13b9.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Virussign.2024.06.08/virussign.com_0253492c47e1aae5c1906a4b099e13b9.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Virussign.2024.06.08/virussign.com_025c0616d26ebf93aa583d575245bf35.exe

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Virussign.2024.06.08/virussign.com_025c0616d26ebf93aa583d575245bf35.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Virussign.2024.06.08/virussign.com_02c31485fa69ef9d1a370034d043587d.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Virussign.2024.06.08/virussign.com_02c31485fa69ef9d1a370034d043587d.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Virussign.2024.06.08/virussign.com_03bf9f5a5e7769cd9cddf935454e30f1.exe

Resource

win7-20240508-en

upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral14

Sample

Virussign.2024.06.08/virussign.com_03bf9f5a5e7769cd9cddf935454e30f1.exe

Resource

win10v2004-20240226-en

upx

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

Virussign.2024.06.08/virussign.com_03d6ebf12ae52644ac8fbc893526aaad.exe

Resource

win7-20240611-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Virussign.2024.06.08/virussign.com_03d6ebf12ae52644ac8fbc893526aaad.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Virussign.2024.06.08/virussign.com_0437640434489c178ddce32f6bc8bd9c.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Virussign.2024.06.08/virussign.com_0437640434489c178ddce32f6bc8bd9c.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Virussign.2024.06.08/virussign.com_044454717ce16bdfddd7dfedfc4fa455.exe

Resource

win7-20240221-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

Virussign.2024.06.08/virussign.com_044454717ce16bdfddd7dfedfc4fa455.exe

Resource

win10v2004-20240508-en

discovery

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral21

Sample

Virussign.2024.06.08/virussign.com_0622fa4ddac7802def045e83a4ccb8c5.exe

Resource

win7-20240611-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

Virussign.2024.06.08/virussign.com_0622fa4ddac7802def045e83a4ccb8c5.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

$PLUGINSDIR/NSIS_Picasa_Unicode.dll

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

$PLUGINSDIR/NSIS_Picasa_Unicode.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240611-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240611-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

$SYSDIR/GPhotos.scr

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

$SYSDIR/GPhotos.scr

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

$TEMP/PicasaInstaller/spmsg.dll

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

$TEMP/PicasaInstaller/spmsg.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

$SYSDIR/GPhotos.scr
Size

4.4MB
MD5

d27fa7516848de6820d9bb95be7a4e36
SHA1

f87eba07d880a1fb3e87391655153790542e2d4b
SHA256

7966d8f3db6b6fa46ab53e3ee9ae0d11bcbf18049a1df06f1289b31ee6db4299
SHA512

603c570d26a0ac000f72dfc905483af623048a2aeea0396827c77dd627416466e88446f3cee59bae259317fcb8eb4072ca208a720bcd732db7cf7968b8f244a4
SSDEEP

98304:saW9lnNyMKJ2BWMXt/34smaZmaRME9iv:swM9PJmaZma

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\$SYSDIR\GPhotos.scr
"C:\Users\Admin\AppData\Local\Temp\$SYSDIR\GPhotos.scr" /S
1⤵
PID:3272

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3868 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:8
1⤵
PID:4184

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads