Analysis
-
max time kernel
150s -
max time network
136s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
05-08-2024 11:13
Static task
static1
Behavioral task
behavioral1
Sample
Debug/FastColoredTextBox.dll
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral2
Sample
Debug/RivieraExecutor.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral3
Sample
Debug/bin/api/CeleryIn.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral4
Sample
Debug/bin/api/npfsjjfsaxb2.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral5
Sample
Debug/ccapi.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral6
Sample
Debug/oPdmSm.dll
Resource
win10-20240404-en
windows10-1703-x64
General
-
Target
Debug/bin/api/npfsjjfsaxb2.exe
-
Size
5.0MB
-
MD5
6b11846ac7d1cdfc7bdfb9e27210ac7f
-
SHA1
ec2056b1a47b60a30ffd16313c07bc7e8e28bf64
-
SHA256
c5448339124931a267dc09f9ccf41878ef64e0e9a2553a220b2cb950a7aa8f56
-
SHA512
dbb516ed47772151d5c3b3147a419f9157a22f9f6853c9a77db4713f06f7d02eed2295a9c522721ca3d5b256972089dfb76d62d5b42bbc271fef9d22bae76264
-
SSDEEP
49152:3esFEyhNi5PyeVuOvW/eDGjyYl2g53PaiTs9dnNdnndn+dnc81u:uzVP
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe 3152 npfsjjfsaxb2.exe