18cdf7ac320afc9ee28bff68478fd6f373b956873c82692bcb88c6db01a3809c

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 16:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Setup Melodyne 5 v5.3.1.018.exe
Size

26.2MB
MD5

2584356e8819648ff3af649a0308ad2f
SHA1

56e79b43cfba771b1133ff34446d78e78b5b047f
SHA256

18cdf7ac320afc9ee28bff68478fd6f373b956873c82692bcb88c6db01a3809c
SHA512

01ae0d32ff1da04fee472b9b9c46d7e195a43d8dd1a92398a2cf237e2743490d706cc4dc84366ebe2657f9a33dd5233bfcdb485079b266ee7bcc8b4cb7f234ef
SSDEEP

786432:qBYwnSDSIyWc/fZhtq4H1xyXVPPzC5ujDZp3EuW:qVSDSF1qRVHz2ujDv3EuW

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
5016	Setup Melodyne 5 v5.3.1.018.tmp

Loads dropped DLL 5 IoCs

pid	Process
5016	Setup Melodyne 5 v5.3.1.018.tmp
5016	Setup Melodyne 5 v5.3.1.018.tmp
5016	Setup Melodyne 5 v5.3.1.018.tmp
5016	Setup Melodyne 5 v5.3.1.018.tmp
5016	Setup Melodyne 5 v5.3.1.018.tmp

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5016	Setup Melodyne 5 v5.3.1.018.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1532 wrote to memory of 5016	1532	Setup Melodyne 5 v5.3.1.018.exe	80
PID 1532 wrote to memory of 5016	1532	Setup Melodyne 5 v5.3.1.018.exe	80
PID 1532 wrote to memory of 5016	1532	Setup Melodyne 5 v5.3.1.018.exe	80

C:\Users\Admin\AppData\Local\Temp\Setup Melodyne 5 v5.3.1.018.exe
"C:\Users\Admin\AppData\Local\Temp\Setup Melodyne 5 v5.3.1.018.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1532
- C:\Users\Admin\AppData\Local\Temp\is-S1PC7.tmp\Setup Melodyne 5 v5.3.1.018.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-S1PC7.tmp\Setup Melodyne 5 v5.3.1.018.tmp" /SL5="$8011E,27026197,121344,C:\Users\Admin\AppData\Local\Temp\Setup Melodyne 5 v5.3.1.018.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  PID:5016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-G7HIP.tmp\ISSKINU.DLL

Filesize
357KB

MD5
f30afccd6fafc1cad4567ada824c9358

SHA1
60a65b72f208563f90fba0da6af013a36707caa9

SHA256
e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d

SHA512
59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-G7HIP.tmp\R2RINNO.dll

Filesize
4KB

MD5
5df8ada84a16f5dfc24096ef90a5ce3a

SHA1
5e7e9c68119c3a0a1afc92c60674bc8714492823

SHA256
48a9c8c332fde541b571d9d522d0e37834b452f55af8cbdc341b12222e78fb5b

SHA512
661b5219c74dd6e3a8e899a1b1a3002689d148e337d7323a174519366c9548c284ee76e2faa2f9600cd483db21093ee62399f0d7403c39523c654266760191c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-G7HIP.tmp\SKIN.CJSTYLES

Filesize
813KB

MD5
5f87caf3f7cf63dde8e6af53bdf31289

SHA1
a2c3cc3d9d831acd797155b667db59a32000d7a8

SHA256
4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940

SHA512
4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-S1PC7.tmp\Setup Melodyne 5 v5.3.1.018.tmp

Filesize
1.1MB

MD5
34acc2bdb45a9c436181426828c4cb49

SHA1
5adaa1ac822e6128b8d4b59a54d19901880452ae

SHA256
9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

SHA512
134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

Download Submit
memory/1532-2-0x0000000000401000-0x0000000000412000-memory.dmp

Filesize
68KB

Download
memory/1532-1-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/5016-6-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/5016-15-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-18-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-31-0x0000000076560000-0x0000000076585000-memory.dmp

Filesize
148KB

Download
memory/5016-32-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-41-0x0000000075680000-0x0000000075763000-memory.dmp

Filesize
908KB

Download
memory/5016-40-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-39-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-38-0x0000000076560000-0x0000000076585000-memory.dmp

Filesize
148KB

Download
memory/5016-46-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-73-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-82-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-81-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-80-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-79-0x0000000074EC0000-0x0000000074F34000-memory.dmp

Filesize
464KB

Download
memory/5016-78-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-77-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-76-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-75-0x0000000075680000-0x0000000075763000-memory.dmp

Filesize
908KB

Download
memory/5016-74-0x00000000757F0000-0x00000000758CC000-memory.dmp

Filesize
880KB

Download
memory/5016-72-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-71-0x0000000074EC0000-0x0000000074F34000-memory.dmp

Filesize
464KB

Download
memory/5016-70-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-69-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-68-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-67-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-66-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-65-0x0000000074EC0000-0x0000000074F34000-memory.dmp

Filesize
464KB

Download
memory/5016-64-0x0000000076560000-0x0000000076585000-memory.dmp

Filesize
148KB

Download
memory/5016-63-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-62-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-61-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-60-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-58-0x0000000074EC0000-0x0000000074F34000-memory.dmp

Filesize
464KB

Download
memory/5016-57-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-56-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-54-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-53-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-52-0x0000000074EC0000-0x0000000074F34000-memory.dmp

Filesize
464KB

Download
memory/5016-51-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-50-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-49-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-48-0x0000000075680000-0x0000000075763000-memory.dmp

Filesize
908KB

Download
memory/5016-47-0x00000000757F0000-0x00000000758CC000-memory.dmp

Filesize
880KB

Download
memory/5016-45-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-42-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-59-0x0000000074070000-0x0000000074192000-memory.dmp

Filesize
1.1MB

Download
memory/5016-55-0x0000000076590000-0x0000000076B43000-memory.dmp

Filesize
5.7MB

Download
memory/5016-44-0x0000000074F40000-0x0000000075150000-memory.dmp

Filesize
2.1MB

Download
memory/5016-43-0x0000000076B70000-0x0000000076C1F000-memory.dmp

Filesize
700KB

Download
memory/5016-37-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-36-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-35-0x0000000074240000-0x0000000074270000-memory.dmp

Filesize
192KB

Download
memory/5016-34-0x0000000076560000-0x0000000076585000-memory.dmp

Filesize
148KB

Download
memory/5016-33-0x0000000075E40000-0x0000000075EBA000-memory.dmp

Filesize
488KB

Download
memory/5016-29-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-30-0x0000000075E40000-0x0000000075EBA000-memory.dmp

Filesize
488KB

Download
memory/5016-28-0x0000000075E40000-0x0000000075EBA000-memory.dmp

Filesize
488KB

Download
memory/5016-27-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-26-0x0000000075E40000-0x0000000075EBA000-memory.dmp

Filesize
488KB

Download
memory/5016-25-0x0000000003360000-0x00000000033C1000-memory.dmp

Filesize
388KB

Download
memory/5016-24-0x0000000075E40000-0x0000000075EBA000-memory.dmp

Filesize
488KB

Download
memory/5016-164-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads