Overview

overview

7

Static

static

3

73851feac6...70.exe

windows7-x64

7

73851feac6...70.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/08/2024, 18:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    73851feac69631570802220d24612660a14fd4198372ec7b31bdfda9c3f7b070.exe

  • Size

    1.7MB

  • MD5

    d1a066cfdb9e0ac2304ee89e5127a115

  • SHA1

    eb23c5cf321ee81c003c003790cd77cdfb06f6d9

  • SHA256

    73851feac69631570802220d24612660a14fd4198372ec7b31bdfda9c3f7b070

  • SHA512

    715818b2043e4621e0e5d89c7329c50356ad81873c9fd241158066c5373b920d94eb7f789855ce8cabbd28c2b47422954e9259785cefa5b656b914164d397626

  • SSDEEP

    24576:Vg/atXobxg3H722ZXdOaWXh3CCZX9b7BtAMB9CphmgJ7:yado1g3H722ZXd3WXACZtptAMjGhmI

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 48 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\73851feac69631570802220d24612660a14fd4198372ec7b31bdfda9c3f7b070.exe
    "C:\Users\Admin\AppData\Local\Temp\73851feac69631570802220d24612660a14fd4198372ec7b31bdfda9c3f7b070.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2616
  • C:\Windows\system32\cmd.exe
    cmd /c move C:\Windows\temp\240621625 "C:\Program Files\StarRail.exe"
    1⤵
      PID:1408
    • C:\Program Files\StarRail.exe
      "C:\Program Files\StarRail.exe"
      1⤵
      • Executes dropped EXE
      PID:3924

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Windows\temp\240621625
      Filesize

      667KB

      MD5

      09cbebe3306f81dbb1498e2c214b897d

      SHA1

      3a90253bf26597533db0cd1ce7f1e09af5c6c981

      SHA256

      2aa3366883b707c1fea777156417f4be0b5c90f209fda1afac1c8544acab702c

      SHA512

      adc2db766e0e62ce95bdc45da1fb99ac8cb192e3dc2e6e87635c1266a3fb7562e4ec680d250bd130f72ccbccf388e644a2c7da55d568096f1f8a9a5a4faafeee

      Download Submit

    • memory/2616-0-0x000001D0BEDB0000-0x000001D0BEDB1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2616-1-0x0000000180000000-0x000000018002E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/3924-13-0x0000000140000000-0x00000001400A7000-memory.dmp

      Filesize

      668KB

      Download