Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19/07/2024, 20:59

General

  • Target

    862698a7b44144ef7d3c54101086ba54f7003b8fc5d3eb86de05a27c6a009a27.exe

  • Size

    656KB

  • MD5

    d54269fc137cead0d5be738cc548eee3

  • SHA1

    22d2df99ad817959af819cb314b05279ed9ff597

  • SHA256

    862698a7b44144ef7d3c54101086ba54f7003b8fc5d3eb86de05a27c6a009a27

  • SHA512

    4ecb228caf13a48c34637668ac48886eea464cee0535b2934d6d3ad71933c1ef7cd5495a7378222d088f9f59fcf5c1a8b492d5b5833050bf5ace427f31af95d7

  • SSDEEP

    12288:QEOYahDb03GZMyKhh5HCXTTqX2DNVW2MxOfhw3YFPHr8oHCl:QpYaNWGZxOmfqGDT7fO3YFIp

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\862698a7b44144ef7d3c54101086ba54f7003b8fc5d3eb86de05a27c6a009a27.exe
    "C:\Users\Admin\AppData\Local\Temp\862698a7b44144ef7d3c54101086ba54f7003b8fc5d3eb86de05a27c6a009a27.exe"
    1⤵
    • Loads dropped DLL
    PID:2764

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nseDC67.tmp\nsDialogs.dll

    Filesize

    14KB

    MD5

    7d46f62ed83039d09deccf734c2e13cd

    SHA1

    69fd785ca4264cc70b5e30ad95bf937b54c517d1

    SHA256

    e4f863f06d8589c1215135120cf69827601eaad2a69c4350dd8ed43dc91e9c81

    SHA512

    47aedd3f0e90bc8801122d75bc24786a6e28c3c402ce1a93baa73f00f3ea8560d315ee4eadaa1fc27822cee6e8d6a14fe33c47a2f151dbb8e5aab6a24fad8ac3

  • memory/2764-7-0x00007FFC62070000-0x00007FFC6207D000-memory.dmp

    Filesize

    52KB

  • memory/2764-6-0x0000000140000000-0x0000000140088000-memory.dmp

    Filesize

    544KB