8e3247579c4f432a90f1822f5151c6dc2836f7962d840a439fae8c6c8a76d294

Resubmissions

14-07-2024 22:14

240714-15wd4sxcrg 8

14-07-2024 16:06

240714-tj3gzaxdrn 8

Analysis

max time kernel
311s
max time network
397s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
14-07-2024 22:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Thunder Setup.exe
Size

78KB
MD5

1eb797341e423c83060a36b92c720cc9
SHA1

380828212f0bb9a82d568491247a590a316e4351
SHA256

0842a46a5113b1ff571e62101c556565c853a0c0c792f7fdde57eb40e0256177
SHA512

9115d3a22f0163747de035273cd44caa84c46e17cd3fee863172e35688455def25e07bdbf7bdcec940dfd8bd2da7eb10e360d7f5a9413efc8c4b61ad4605c19b
SSDEEP

1536:aZ2FWSNhd/4131izmvch6oKnLzx9QAkhHQ40Gp/VS6:A2ddQ131izLh6oqLzHHuHQ40Gp/VT

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1828 wrote to memory of 1908	1828	Thunder Setup.exe	72
PID 1828 wrote to memory of 1908	1828	Thunder Setup.exe	72
PID 1828 wrote to memory of 1908	1828	Thunder Setup.exe	72

C:\Users\Admin\AppData\Local\Temp\Thunder Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Thunder Setup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1828
- C:\Users\Admin\AppData\Local\Temp\jre\bin\javaw.exe
  "C:\Users\Admin\AppData\Local\Temp\jre\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\activation.jar;lib\antlr4-runtime.jar;lib\asm-all.jar;lib\commons-email.jar;lib\connector-api.jar;lib\dn-compiled-module.jar;lib\dn-php-sdk.jar;lib\dyn4j.jar;lib\gson.jar;lib\HikariCP-java6.jar;lib\javassist-GA.jar;lib\jaybird-jdk18.jar;lib\jfoenix.jar;lib\jkeymaster.jar;lib\jna.jar;lib\jphp-app-framework.jar;lib\jphp-core.jar;lib\jphp-desktop-ext.jar;lib\jphp-desktop-hotkey-ext.jar;lib\jphp-game-ext.jar;lib\jphp-gui-ext.jar;lib\jphp-gui-jfoenix-ext.jar;lib\jphp-json-ext.jar;lib\jphp-jsoup-ext.jar;lib\jphp-mail-ext.jar;lib\jphp-runtime.jar;lib\jphp-sql-ext.jar;lib\jphp-systemtray-ext.jar;lib\jphp-xml-ext.jar;lib\jphp-zend-ext.jar;lib\jphp-zip-ext.jar;lib\jsoup.jar;lib\mail.jar;lib\mysql-connector-java.jar;lib\postgresql.jre7.jar;lib\slf4j-api.jar;lib\slf4j-simple.jar;lib\sqlite-jdbc.jar;lib\zt-zip.jar" org.develnext.jphp.ext.javafx.FXLauncher
  2⤵
  PID:1908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1828-0-0x0000000000400000-0x0000000000420000-memory.dmp

Filesize
128KB

Download
memory/1908-5-0x0000000002DD0000-0x0000000002DF8000-memory.dmp

Filesize
160KB

Download
memory/1908-10-0x0000000002E18000-0x0000000002E20000-memory.dmp

Filesize
32KB

Download
memory/1908-13-0x0000000002E20000-0x0000000002E28000-memory.dmp

Filesize
32KB

Download
memory/1908-31-0x0000000002E10000-0x0000000002E18000-memory.dmp

Filesize
32KB

Download
memory/1908-30-0x0000000002E08000-0x0000000002E10000-memory.dmp

Filesize
32KB

Download
memory/1908-29-0x0000000002E68000-0x0000000002E70000-memory.dmp

Filesize
32KB

Download
memory/1908-28-0x0000000002E70000-0x0000000002E78000-memory.dmp

Filesize
32KB

Download
memory/1908-34-0x0000000002E78000-0x0000000002E80000-memory.dmp

Filesize
32KB

Download
memory/1908-37-0x0000000002E80000-0x0000000002E88000-memory.dmp

Filesize
32KB

Download
memory/1908-38-0x0000000002E88000-0x0000000002E90000-memory.dmp

Filesize
32KB

Download
memory/1908-40-0x0000000002E90000-0x0000000002E98000-memory.dmp

Filesize
32KB

Download
memory/1908-41-0x0000000001420000-0x0000000001421000-memory.dmp

Filesize
4KB

Download
memory/1908-43-0x0000000002E98000-0x0000000002EA0000-memory.dmp

Filesize
32KB

Download
memory/1908-45-0x0000000002EA0000-0x0000000002EA8000-memory.dmp

Filesize
32KB

Download
memory/1908-51-0x0000000002EA8000-0x0000000002EB0000-memory.dmp

Filesize
32KB

Download
memory/1908-50-0x0000000002DD0000-0x0000000002DF8000-memory.dmp

Filesize
160KB

Download
memory/1908-54-0x0000000002EB0000-0x0000000002EB8000-memory.dmp

Filesize
32KB

Download
memory/1908-53-0x0000000002E18000-0x0000000002E20000-memory.dmp

Filesize
32KB

Download
memory/1908-58-0x0000000002EB8000-0x0000000002EC0000-memory.dmp

Filesize
32KB

Download
memory/1908-57-0x0000000002E20000-0x0000000002E28000-memory.dmp

Filesize
32KB

Download
memory/1908-63-0x0000000002EC0000-0x0000000002EC8000-memory.dmp

Filesize
32KB

Download
memory/1908-62-0x0000000002E08000-0x0000000002E10000-memory.dmp

Filesize
32KB

Download
memory/1908-61-0x0000000002E70000-0x0000000002E78000-memory.dmp

Filesize
32KB

Download
memory/1908-67-0x0000000002EC8000-0x0000000002ED0000-memory.dmp

Filesize
32KB

Download
memory/1908-66-0x0000000002E78000-0x0000000002E80000-memory.dmp

Filesize
32KB

Download
memory/1908-71-0x0000000002ED0000-0x0000000002ED8000-memory.dmp

Filesize
32KB

Download
memory/1908-70-0x0000000002E80000-0x0000000002E88000-memory.dmp

Filesize
32KB

Download
memory/1908-75-0x0000000002ED8000-0x0000000002EE0000-memory.dmp

Filesize
32KB

Download
memory/1908-74-0x0000000002E88000-0x0000000002E90000-memory.dmp

Filesize
32KB

Download
memory/1908-78-0x0000000002EE0000-0x0000000002EE8000-memory.dmp

Filesize
32KB

Download
memory/1908-77-0x0000000002E90000-0x0000000002E98000-memory.dmp

Filesize
32KB

Download
memory/1908-85-0x0000000002EE8000-0x0000000002EF0000-memory.dmp

Filesize
32KB

Download
memory/1908-84-0x0000000002E98000-0x0000000002EA0000-memory.dmp

Filesize
32KB

Download
memory/1908-90-0x0000000002EF0000-0x0000000002EF8000-memory.dmp

Filesize
32KB

Download
memory/1908-89-0x0000000002EA0000-0x0000000002EA8000-memory.dmp

Filesize
32KB

Download
memory/1908-94-0x0000000002EF8000-0x0000000002F00000-memory.dmp

Filesize
32KB

Download
memory/1908-93-0x0000000002EA8000-0x0000000002EB0000-memory.dmp

Filesize
32KB

Download
memory/1908-97-0x0000000002F00000-0x0000000002F08000-memory.dmp

Filesize
32KB

Download
memory/1908-96-0x0000000002EB0000-0x0000000002EB8000-memory.dmp

Filesize
32KB

Download
memory/1908-100-0x0000000002E18000-0x0000000002E20000-memory.dmp

Filesize
32KB

Download
memory/1908-101-0x0000000002E20000-0x0000000002E28000-memory.dmp

Filesize
32KB

Download
memory/1908-102-0x0000000002E70000-0x0000000002E78000-memory.dmp

Filesize
32KB

Download
memory/1908-103-0x0000000002E08000-0x0000000002E10000-memory.dmp

Filesize
32KB

Download
memory/1908-104-0x0000000002E78000-0x0000000002E80000-memory.dmp

Filesize
32KB

Download
memory/1908-105-0x0000000002E80000-0x0000000002E88000-memory.dmp

Filesize
32KB

Download
memory/1908-106-0x0000000002E88000-0x0000000002E90000-memory.dmp

Filesize
32KB

Download
memory/1908-107-0x0000000002E90000-0x0000000002E98000-memory.dmp

Filesize
32KB

Download
memory/1908-108-0x0000000002E98000-0x0000000002EA0000-memory.dmp

Filesize
32KB

Download
memory/1908-109-0x0000000002EA0000-0x0000000002EA8000-memory.dmp

Filesize
32KB

Download
memory/1908-110-0x0000000002EA8000-0x0000000002EB0000-memory.dmp

Filesize
32KB

Download
memory/1908-111-0x0000000002EB8000-0x0000000002EC0000-memory.dmp

Filesize
32KB

Download
memory/1908-112-0x0000000002EC0000-0x0000000002EC8000-memory.dmp

Filesize
32KB

Download
memory/1908-113-0x0000000002EC8000-0x0000000002ED0000-memory.dmp

Filesize
32KB

Download
memory/1908-114-0x0000000002ED0000-0x0000000002ED8000-memory.dmp

Filesize
32KB

Download
memory/1908-115-0x0000000002ED8000-0x0000000002EE0000-memory.dmp

Filesize
32KB

Download
memory/1908-116-0x0000000002EE0000-0x0000000002EE8000-memory.dmp

Filesize
32KB

Download
memory/1908-117-0x0000000002EE8000-0x0000000002EF0000-memory.dmp

Filesize
32KB

Download
memory/1908-118-0x0000000002EF0000-0x0000000002EF8000-memory.dmp

Filesize
32KB

Download
memory/1908-120-0x0000000002F00000-0x0000000002F08000-memory.dmp

Filesize
32KB

Download
memory/1908-119-0x0000000002EF8000-0x0000000002F00000-memory.dmp

Filesize
32KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads