Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    16-07-2024 05:12

General

  • Target

    $PROGRAMFILES/FREEzeFrog/bin/2.0.19.0/FREEzeFrogSA.exe

  • Size

    780KB

  • MD5

    508a2ca25ed1235d38844f48f9b64c7f

  • SHA1

    2d5d3ddbe6a3119be28763e58d90e0e4f272790a

  • SHA256

    74b2952b87d5f4ef1697cc6843b947fbf891a8ad8cc52c280940d78175aebdd7

  • SHA512

    b7598b87e335272bd96707804790d6ea61ca9eb9b02be2ff0e4b502c72069b63db77fa0c626b918e7c71e3c0b0fb0148933c03862f85c934443b683b2c88d378

  • SSDEEP

    12288:JG8YCWRwg3n/UUf0sJxK0JXDl53wkZWILKvHlwtvcpW22Ty+TaqCZxTN3g/y:JG8YvVt0sJxK0F31/uvHls2rIaRPWq

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 21 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

Processes

  • C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\FREEzeFrog\bin\2.0.19.0\FREEzeFrogSA.exe
    "C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\FREEzeFrog\bin\2.0.19.0\FREEzeFrogSA.exe"
    • Enumerates connected drives
    PID:2720

Network

MITRE ATT&CK Enterprise v15
