Analysis

  • max time kernel
    1793s
  • max time network
    1151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-07-2024 01:29

General

  • Target

    TotalAV.exe

  • Size

    72.1MB

  • MD5

    596d83d9360e43ebce886e6375497468

  • SHA1

    6e280c2291bd1223c31154c91b4e919019dc7a24

  • SHA256

    45446f6e7551da01e6b6eca54c82f5584b34fa5b71517e2f3977939dfb0e876b

  • SHA512

    2f5897482f4e581403813894c151f11bbf7b622e5f5b5f6b724139dbda31e125183e0e49eb76c350596ec89498a123c7b70531e228f5955af35084956f925758

  • SSDEEP

    1572864:VDaAF/pt7zg0X7whOvlU6WLC3x9etForC6nW7balgKwYJa:VD/3ucdU6WWhAi7W7GiCJa

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\TotalAV.exe
    "C:\Users\Admin\AppData\Local\Temp\TotalAV.exe"
    1⤵
    • Loads dropped DLL
    PID:3388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsuB920.tmp\System.dll

    Filesize

    11KB

    MD5

    fccff8cb7a1067e23fd2e2b63971a8e1

    SHA1

    30e2a9e137c1223a78a0f7b0bf96a1c361976d91

    SHA256

    6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e

    SHA512

    f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c

  • C:\Users\Admin\AppData\Local\Temp\nsuB920.tmp\nsDialogs.dll

    Filesize

    9KB

    MD5

    1c8b2b40c642e8b5a5b3ff102796fb37

    SHA1

    3245f55afac50f775eb53fd6d14abb7fe523393d

    SHA256

    8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c

    SHA512

    4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57