Overview

overview

10

Static

static

7

ead791414b...d4.exe

windows7-x64

7

ead791414b...d4.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

114IE.exe

windows7-x64

10

114IE.exe

windows10-2004-x64

10

bin/114Web.exe

windows7-x64

1

bin/114Web.exe

windows10-2004-x64

1

bin/Addr.dll

windows7-x64

3

bin/Addr.dll

windows10-2004-x64

3

bin/CameraDll.dll

windows7-x64

1

bin/CameraDll.dll

windows10-2004-x64

1

bin/SnapShot.exe

windows7-x64

1

bin/SnapShot.exe

windows10-2004-x64

1

bin/TGHistory.dll

windows7-x64

1

bin/TGHistory.dll

windows10-2004-x64

1

bin/TGMail.dll

windows7-x64

1

bin/TGMail.dll

windows10-2004-x64

1

bin/TGNetWork.dll

windows7-x64

1

bin/TGNetWork.dll

windows10-2004-x64

3

bin/TGRes.dll

windows7-x64

1

bin/TGRes.dll

windows10-2004-x64

1

bin/shdoclc.dll

windows7-x64

1

bin/shdoclc.dll

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-07-2024 23:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4.exe

  • Size

    2.5MB

  • MD5

    4726474b31484684a60f8be1ecfa7986

  • SHA1

    5ad7989e8d5ecfcdba14bdb0135380ce19f709fd

  • SHA256

    ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4

  • SHA512

    15f13bfa0be287fd2d62561ce0c97594504b98d489a51c4db2b1fcdba233ac462a16b2e2edb7f144b50563b6e2d25e3f991314d6858d4038da01a9d6f8683922

  • SSDEEP

    49152:I9If342N0i9pbtiRQg0O5ItoeoHB25zJinnbi/DQfmOugHjwaKy:f4X2Bca/OCOhhkzMW/3OuxQ

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4.exe
    "C:\Users\Admin\AppData\Local\Temp\ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4.exe"
    1⤵
    • Loads dropped DLL
    PID:4492

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsnB299.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    9a886711c559308c39c01c20e9d9a1e3

    SHA1

    0f27cf1cf6e4960e140651b68d72ed4b92c58e9e

    SHA256

    98be8860d38ad9cf31b55a1a04594de59eabad67510ba2a33ed20a80863ddfa4

    SHA512

    4dabdd9ea7a8330a367589a3975a9dc7286b82c66efc7db118b4d7a2db08a467851c6d3dc991668e13c4dd5473aa974e9696a2226039db94df8b198da54354a3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsnB299.tmp\ioSpecial.ini
    Filesize

    611B

    MD5

    e9cb50b314ff77e542883dad5bf844b7

    SHA1

    6eddfcf906ebe03b16732254dfff1e91600f47b7

    SHA256

    0db6701263454a21fd2dc27f78430b0f9dc5378beadfee1e56030c156a7cb173

    SHA512

    523b7c8766a19080754030ae24855e102394ad2eaeb49e23f89faab370298eb375e0a7159c48e2255c2db455fa5ff34777b80db310c2ff84a4d5e07de27511e4

    Download Submit