Overview

overview

7

Static

static

1

6fae566b41...18.exe

windows7-x64

7

6fae566b41...18.exe

windows10-2004-x64

7

mcffplg.dll

windows7-x64

3

mcffplg.dll

windows10-2004-x64

3

saffplg.js

windows7-x64

3

saffplg.js

windows10-2004-x64

3

mcieplg.dll

windows7-x64

6

mcieplg.dll

windows10-2004-x64

3

x64/mcieplg.dll

windows7-x64

7

x64/mcieplg.dll

windows10-2004-x64

1

$TEMP/$_0_...st.exe

windows7-x64

$TEMP/$_0_...st.exe

windows10-2004-x64

$TEMP/$_0_...ui.dll

windows7-x64

1

$TEMP/$_0_...ui.dll

windows10-2004-x64

1

$TEMP/$_0_...ns.dll

windows7-x64

1

$TEMP/$_0_...ns.dll

windows10-2004-x64

1

mcsacins.dll

windows7-x64

3

mcsacins.dll

windows10-2004-x64

3

saInst.exe

windows7-x64

7

saInst.exe

windows10-2004-x64

7

$TEMP/$_0_...st.exe

windows7-x64

$TEMP/$_0_...st.exe

windows10-2004-x64

mcbrwctl.dll

windows7-x64

3

mcbrwctl.dll

windows10-2004-x64

3

mcsacore.exe

windows7-x64

3

mcsacore.exe

windows10-2004-x64

3

mcsacoreps.dll

windows7-x64

3

mcsacoreps.dll

windows10-2004-x64

3

saupkeep.dll

windows7-x64

3

saupkeep.dll

windows10-2004-x64

3

uninstall.exe

windows7-x64

3

uninstall.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/07/2024, 13:01

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: Failed to extract payload to C:\Users\Admin\AppData\Local\Temp -> open C:\Users\Admin\AppData\Local\Temp\$TEMP\$_0_ \MSADuc.cab: The system cannot find the path specified. image=C:\Users\Admin\AppData\Local\Temp\payload.exe command="C:\Users\Admin\AppData\Local\Temp\payload.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: This version of %1 is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher.
Report Analysis Logs

General

  • Target

    $TEMP/$_0_ /saInst.exe

  • Size

    122KB

  • MD5

    f20017a9a655ca3604313cd982ffbce3

  • SHA1

    ea40699e63a79ad12aad962bd6d0ad38b3abf664

  • SHA256

    0b4be27c06c0a1a11a49ca9cc7b04b26a9b88dc80cfd9e38ae6cbe2a9398b3ba

  • SHA512

    a1307150f2df5dfa93b7b62f7f25ec6ea7a8dbea8a9fe62a64703a4f05f8e928a9859a7a9cc2d48280e428cb66067175488fdd2eac5cfd5e18d668b08574829d

  • SSDEEP

    1536:qYzYs5OVQPt/GAbmVPil2rbk1rjjCs9oYOwvjOg/+aNXto6LnXkXQXRZaca2C:dMeOVQPQZbbe3G2Ojg/+aNXto6TUADG

Score
1/10

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads