Overview

overview

7

Static

static

3

38afba1a62...75.exe

windows7-x64

7

38afba1a62...75.exe

windows10-2004-x64

7

$PLUGINSDIR/EnVar.dll

windows7-x64

3

$PLUGINSDIR/EnVar.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PROGRAMFI...ne.dll

windows7-x64

1

$PROGRAMFI...ne.dll

windows10-2004-x64

1

$PROGRAMFI...er.exe

windows7-x64

1

$PROGRAMFI...er.exe

windows10-2004-x64

1

$PROGRAMFI...nt.exe

windows7-x64

7

$PROGRAMFI...nt.exe

windows10-2004-x64

7

$PROGRAMFI...cp.exe

windows7-x64

1

$PROGRAMFI...cp.exe

windows10-2004-x64

1

$PROGRAMFI...ry.dll

windows7-x64

1

$PROGRAMFI...ry.dll

windows10-2004-x64

1

$PROGRAMFI...ol.dll

windows7-x64

1

$PROGRAMFI...ol.dll

windows10-2004-x64

1

$PROGRAMFI...ws.dll

windows7-x64

1

$PROGRAMFI...ws.dll

windows10-2004-x64

1

$PROGRAMFI...et.dll

windows7-x64

1

$PROGRAMFI...et.dll

windows10-2004-x64

1

$PROGRAMFI...sm.exe

windows7-x64

1

$PROGRAMFI...sm.exe

windows10-2004-x64

1

$PROGRAMFI...64.exe

windows7-x64

7

$PROGRAMFI...64.exe

windows10-2004-x64

7

$WINDIR/Sy...er.dll

windows7-x64

1

$WINDIR/Sy...er.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/07/2024, 16:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    38afba1a62ee831a679ed728da8ca167b4c80a432a3ddf575c784bdd29d33975.exe

  • Size

    40.7MB

  • MD5

    9bae70489ffa1fd07797f8964350af30

  • SHA1

    274d484c8de888ba87f3232f451c888e436337b5

  • SHA256

    38afba1a62ee831a679ed728da8ca167b4c80a432a3ddf575c784bdd29d33975

  • SHA512

    fed7c1bc02fba7047a40749ccb4b490f10de960fec66ffdbae612ff32d3d45dba24eeb32fabc6b03ba8a251c0077aace51ce46494b623c8b2adafabb68758080

  • SSDEEP

    786432:DDXX2y7L9rwbfDRqaLpFNuLbT4U4VXpbmAlf2+oEcuQdU8N/IbwUI:DDH2y7h2dqEpFNuLbTh4lpSe++oSor1

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\38afba1a62ee831a679ed728da8ca167b4c80a432a3ddf575c784bdd29d33975.exe
    "C:\Users\Admin\AppData\Local\Temp\38afba1a62ee831a679ed728da8ca167b4c80a432a3ddf575c784bdd29d33975.exe"
    1⤵
    • Loads dropped DLL
    PID:2344

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nso8F41.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    d095b082b7c5ba4665d40d9c5042af6d

    SHA1

    2220277304af105ca6c56219f56f04e894b28d27

    SHA256

    b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c

    SHA512

    61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nso8F41.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    bf6997ff6799773c7240661d8d95d61f

    SHA1

    8633b1ce09c0a42b279b736f94d2a9c8ced02c3c

    SHA256

    a08a50c7c7ae9341213798aaac5536a721f9d2d01dab5a702772b87e35e72cd9

    SHA512

    8c40641a7f992c07ed99f32b9f23a40843eb173a76f7ac07ea9676de51fdce92d0d526ac01b0d1b902e6a2a238b0a6fb4df0f4b300ce3231538c23773df492f2

    Download Submit