Overview

overview

7

Static

static

3

keygen.exe

windows7-x64

1

keygen.exe

windows10-2004-x64

1

objectdock...90.exe

windows7-x64

7

objectdock...90.exe

windows10-2004-x64

7

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2024, 16:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    objectdockplus_190.exe

  • Size

    12.8MB

  • MD5

    a1a0a489bdb092c2322cbe7cdbbe7252

  • SHA1

    4df3cd3b737d07d7607f4d386603a4edaca267d4

  • SHA256

    adfca3ccfa332b28f0849fd6bffd243830d40df0e09ed8ed9f9c95f07781325c

  • SHA512

    6b31f05ac01fd6e5c348ab8dc54de01a8f7a664d4296a86a7d3870757d3c11383707c12b7ad63d0e45239f10e35d034cab5fcaf18904ea987ee9aeef4836366c

  • SSDEEP

    393216:klDPp1dzuS4k8D5HuxfU54aetULd1ewwFt7yMk:kZFQLD5Huxf1aeIeww3yMk

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 3 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\objectdockplus_190.exe
    "C:\Users\Admin\AppData\Local\Temp\objectdockplus_190.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3980
    • C:\Users\Admin\AppData\Local\Temp\GLBB3CF.tmp
      C:\Users\Admin\AppData\Local\Temp\GLBB3CF.tmp 4736 C:\Users\Admin\AppData\Local\Temp\OBJECT~1.EXE
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Drops file in System32 directory
      PID:1256

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\GLBB3CF.tmp
          Filesize

          70KB

          MD5

          fff3f34b0c4cd143acb033f8c42f86f2

          SHA1

          902f12aafd013273a6fedebf297c00a3c733ed95

          SHA256

          608bf21dcb944eadb9fd1fd59a3fc4d17b7e304b7b39896e0305168bd4626889

          SHA512

          2c31f6d3e4179358de4d10e00c4c2ce8af4375d4ba1d9bc1848fabb85e6c0511af4569688d7e9052e127507cca6a5e49ae1dbfd3326cfa6d334099fb364cc857

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\GLCB45C.tmp
          Filesize

          157KB

          MD5

          fbd929bfc7b4a9e4fa4506655bab4c4a

          SHA1

          b4df84de80729a04ed90dc976a3e730a568f24f8

          SHA256

          adf8dea5d36b58cf621e2bb0c4549f94e0919308dd7cc1215d942417c45e54a4

          SHA512

          b310e79848dc2a3c6a4524e0b120e2e3dd73ecb6852c65a9eec368045f7bab0b141210726476dd3cb0c1d9008e1f34149f35c03a0156a9eef7d4a7fbc61ea1b4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\GLFC036.tmp
          Filesize

          9KB

          MD5

          b9b41e50d612e00bf3a49a6405b89d74

          SHA1

          88063ee643c64f18fedda1890c717122634aedfd

          SHA256

          50e7a30e1825fab93b94b698c2c6d2cc1787b094c6cee53eeed5c497f77443c9

          SHA512

          b2486f526025095adc6767b5c2f85f80446db2b586e4dff376d74d44494f16d78a361dc944f3a10d8ad494b871a190e8c3f0e92eb27114be5d0b748e0da9c1ca

          Download Submit