Overview

overview

8

Static

static

3

5a7859e80f...8a.exe

windows7-x64

8

5a7859e80f...8a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-06-2024 20:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a7859e80fe07dbbfc602996e364a89e5062965904a5dcfac157c6b5d6ad0b8a.exe

  • Size

    4.8MB

  • MD5

    ecdec27451f2730689ad1057e5d6689e

  • SHA1

    44f5820bce67c51aabd8a92b8ce8d05e0d7e3552

  • SHA256

    5a7859e80fe07dbbfc602996e364a89e5062965904a5dcfac157c6b5d6ad0b8a

  • SHA512

    0386081ad5827950b6bb6ce4ba45526aa3de972a6291ed3ac697717851b93a733f8d5814585fea9ac0963f992b5823b2a392c59026e5d91ee8da863b6cc5cfa4

  • SSDEEP

    98304:wX3oVSsYFZ2xtS/BZXxkIfPG1f5eAM/Cw/khc5FbKEQ26PVR7m6gZ1MRGNCyI5AG:2F2qBZBkI0heAM/Cw/khc5FbKEV6PVRd

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\5a7859e80fe07dbbfc602996e364a89e5062965904a5dcfac157c6b5d6ad0b8a.exe
    "C:\Users\Admin\AppData\Local\Temp\5a7859e80fe07dbbfc602996e364a89e5062965904a5dcfac157c6b5d6ad0b8a.exe"
    1⤵
      PID:232
      • C:\Users\Admin\AppData\Local\Temp\{F321E470-8460-43ef-A77B-20BEC63DDB86}-TemporaryCache\KB931125.exe
        "C:\Users\Admin\AppData\Local\Temp\{F321E470-8460-43ef-A77B-20BEC63DDB86}-TemporaryCache\KB931125.exe"
        2⤵
          PID:4788
          • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe
            C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe authroots.sst
            3⤵
              PID:2160
            • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe
              C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe updroots.sst
              3⤵
                PID:5080
              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe
                C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe -l roots.sst
                3⤵
                  PID:8
                • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe
                  C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe -d delroots.sst
                  3⤵
                    PID:4084

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL
                Filesize

                89KB

                MD5

                a64e4b204d44548eeb5c3d86eca2ad70

                SHA1

                e3245bf6dbb2e56d71a9cbad2697aa4fa0df6bbe

                SHA256

                985a5603ebf94539ac11549999f83b5e6dc008180994898c5daa6fd31ae1e9dc

                SHA512

                dca4099318954bab5f1204645be0d0e8fea0c2e97ee95496fa884fbed627e376358623fa94c39bf0abe97d07d46a7e6c5e1081496cdd1987e07e595995a46cd5

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\authroots.sst
                Filesize

                73KB

                MD5

                bb49ccc10926cdb601eba81afef749a2

                SHA1

                a4766c9aea8d211e9632148fd4b625cece195be9

                SHA256

                f013ee3b7fede9a95844e83e83ee298d38cba6efce5a5cafcd8b95255c32f86c

                SHA512

                94c2809727039d1ed07a3742a4b2f9300e865ea7c49bc1fcf547a30238eeecc88d8dd06a2d4f3112317f948908b9af082b50f412a41a2bcb48d5e30d6d8ecbba

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\delroots.sst
                Filesize

                9KB

                MD5

                7b32871e409608ff887b6cf4d87debb0

                SHA1

                191f9ea1298ee52dbd6f977b3584109a064f57b9

                SHA256

                3f01268547364d2d60a0f65b46757cccfd9225fc39d581846a8fbffdb5756ff2

                SHA512

                534a384f7946db4083e639b8e02d83ac97293c60630b8811a84c85e0330e9c293f05f5cf71e0f3580551e7923bc5a3bfb7f0406432ca3cdb7efeb4a950ac5e8a

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\roots.sst
                Filesize

                7KB

                MD5

                9e5de0fd1f90486a66dee4bfe89a78d7

                SHA1

                90e3188ef63495aaa71c85d4ff0f23253c834b40

                SHA256

                8b95ff56d61586582864d05563762615c8705779578dca3c98a303c3b1f4122e

                SHA512

                60006fa6f57e4d280642d51055f85f8d27b913ce71373de5b928c515c77647295030ab73ab4a55024de4a40c18f200909f49ffb52c26cf554835fc3d4cc348f1

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\rootsupd.inf
                Filesize

                1KB

                MD5

                421e60325404f5f29ac04c9b9d59096b

                SHA1

                aace2fd74d799e8af5c8d5b2646361bb67a1620c

                SHA256

                571a8da5298aacc37700c747ee5d72b5a7797835140e7a4d4f895e9604574d77

                SHA512

                86693975b1b187ee65b0a23b1f3f8e05d1a3f61e7e47b060f938fe1602bbad96021847b709e64c2d5a295b72f10f4db587a11a1e7ca0a0b64c3bed7fa683b1d2

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.exe
                Filesize

                5KB

                MD5

                9c18ae971cbffb096952177f6804ea31

                SHA1

                bb255dd1bd9bb39cdbb8671af66054432c686828

                SHA256

                2703c25453b09c40ee81fdc458b8cc24712e387a12d15ff94e12b02921fe98cb

                SHA512

                21086509bb4ea5afede55d034955de0bdf8b366d5d8d4bfa7a6c68b0f35fbf217ff3e932f87fc1d37f09022805e79ceeecbaf3dbccbd96d7c93029ffe7370e4c

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\updroots.sst
                Filesize

                320KB

                MD5

                2d9b4498c847715418160bfd7e7c8a2d

                SHA1

                e0873091d476d2566aa6fc988cb364247c95dc97

                SHA256

                c49c05b701c390c679e5e3226ec621f22a08155b1065fcfc37b509f648f03b41

                SHA512

                dcf3208cdd1e4353f82823f796d735c1209f149f183eea827a90753ec55509a1c460a16c120e07c12a5eacf0e67d2661c25638491ecf4403e25d6508983e519b

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\{5DFB59BC-00E2-48b2-AF74-F1B59222C3C4}-TemporaryCache\7z.dll
                Filesize

                1.1MB

                MD5

                f0fef6362d4886e85a186a5e3766650a

                SHA1

                65843b7052a4d1b84762479d79445c46834e18b5

                SHA256

                15b9fe7d408cbf2204039087526e7df947df57b42ea479e303b682e956638816

                SHA512

                3f6dfd701cf62b77219f8825a2257c4bd7d44ebafc5654b06abaf906ced2571f4eeb04fe22ae6136c14bddebddb12555aa6efd322e779443d57bb122ea786043

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\{F321E470-8460-43ef-A77B-20BEC63DDB86}-TemporaryCache\KB931125.exe
                Filesize

                349KB

                MD5

                4a4d72d34f9da1fc5019e0748fcde2f5

                SHA1

                f54752ec63369522f37e545325519ee434cdf439

                SHA256

                83b660f3f3eaddd4b388ed3f806f7444f03429fb63fc1f8db3d86294914a05ca

                SHA512

                95986ffbf51483a0d1a256028847c7ee6ac73ffd62f6d838309a69e1833f719a7cfed5422815f4d4a49dbd599c449f8db8f60273136720cb1da5f8b0eb24cb33

                Download Submit