Analysis

  • max time kernel
    101s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/07/2024, 13:59

General

  • Target: TVK.exe
  • Size: 1.8MB
  • MD5: 423c464233957c5051d0ff3c99374eb9
  • SHA1: b6f57eddda400ad497944ee9e83a1f5668fdf17c
  • SHA256: 49ff2e5130f5eface959ad9926fd7a6095c6e2b3341b246b772a94362493cc33
  • SHA512: 0e7b9bfbf08f5ccfae2a4e0eb5b781c4942401112734d86ba1363321be8ce45f5fdfad373122b35edb5b27af6b96f54b2084cb18e30162d5be4543a607aafc48
  • SSDEEP: 49152:EOEnpV1qK/jsTargC/1TuusZWhKWGL6ImfT:bgcK7rBtTuuVZGL6TT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TVK.exe
    "C:\Users\Admin\AppData\Local\Temp\TVK.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2948

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nszF4BD.tmp\ioSpecial.ini
    Filesize: 548B
    MD5: 4adc6fc7473ccc7b4579022d3d1f057c
    SHA1: e9e399efc9883bca28665f99526b10fd8470ead6
    SHA256: d5a3aa1fb9f717e3daa9e1fc9f57a64a323439c6b85ebc2c56ef2c3fcf7be227
    SHA512: f59b1971f965c354dee2b0cd422760798bfd2c1eb379c59da817ca308dbcf617731a5d00e19a16aef559aa20d6c866af64e9edbc619e8147b045103a91c5a4d9

  • \Users\Admin\AppData\Local\Temp\nszF4BD.tmp\InstallOptions.dll
    Filesize: 12KB
    MD5: 695751df50c11f303b060d63eababe1d
    SHA1: ffa5fa91750c3e63589fecae8aa90c232611c94d
    SHA256: 4f871b4c8815758f7718ad68d688c6dc05cae205ddf3bcb00147a99746414435
    SHA512: c9877e0d08c65b23717f3acf3be92ead79c6afde594bd4358694e128fb7149f4a1f33380fae0fb65411e5c68a9d91d2a353b4ef3da5169d3452441eb65880ce0