Overview

overview

10

Static

static

7

48c616cbb1...9e.exe

windows7-x64

7

48c616cbb1...9e.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/gpyapi.dll

windows7-x64

3

$SYSDIR/gpyapi.dll

windows10-2004-x64

3

$SYSDIR/gtapi.dll

windows7-x64

3

$SYSDIR/gtapi.dll

windows10-2004-x64

3

$TEMP/Goog...er.exe

windows7-x64

8

$TEMP/Goog...er.exe

windows10-2004-x64

$TEMP/Goog...ed.msi

windows7-x64

6

$TEMP/Goog...ed.msi

windows10-2004-x64

6

$TEMP/setu...20.exe

windows7-x64

7

$TEMP/setu...20.exe

windows10-2004-x64

7

ies_uni.exe

windows7-x64

7

ies_uni.exe

windows10-2004-x64

7

iesuper.dll

windows7-x64

6

iesuper.dll

windows10-2004-x64

6

UUPlayer.dll

windows7-x64

3

UUPlayer.dll

windows10-2004-x64

3

UUSeePlayer.exe

windows7-x64

10

UUSeePlayer.exe

windows10-2004-x64

10

bass-plugins.exe

windows7-x64

7

bass-plugins.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-08-2024 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    48c616cbb15b33f9f8001ae8074e8f68657f604bb20b923ddb6722f752427a9e.exe

  • Size

    5.9MB

  • MD5

    b6a1d4830b73825b6efe9ce64d4ca02a

  • SHA1

    4ac4be0396ce87ffb640e75ce13ba667617dacaf

  • SHA256

    48c616cbb15b33f9f8001ae8074e8f68657f604bb20b923ddb6722f752427a9e

  • SHA512

    18baf5c36a673c6b138a355fa78b3b5339e363df6a19250d680500bda4685ae72bee0de5f6868379768ba268e4ba511135458f18170985567f5cd5c13b2eb077

  • SSDEEP

    98304:jCfphzIjedVG0G16pvDNfK4URgpHH1a3B78CUGRSICkgn6x5ls7vGnOLLCdO9Rvx:jCxhzIya16RRf/11QR4oSrznG5CisCdg

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\48c616cbb15b33f9f8001ae8074e8f68657f604bb20b923ddb6722f752427a9e.exe
    "C:\Users\Admin\AppData\Local\Temp\48c616cbb15b33f9f8001ae8074e8f68657f604bb20b923ddb6722f752427a9e.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:1068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsaAC8D.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    b18dfaded8f6d2380fdfd8f6b6969211

    SHA1

    969fa0e906240ab1123254feeb833c275626cf76

    SHA256

    747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    SHA512

    25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsaAC8D.tmp\ioSpecial.ini
    Filesize

    612B

    MD5

    532f0b29ca9e984f66f4e3ddd8df3092

    SHA1

    5decb88e7f5755cdb43ee2caf3a364532073a7d1

    SHA256

    af183a5fca7063b44d872a67541d52ebab72fc57affbbdd8367fa9d1f6aa53e9

    SHA512

    8fc6e842910be70e5bd45a7b84830bdb7836ab1a618ed674036473726d214be5dcd2cd875d667266e4c01526ccb1a8a9875e2bd7de580467a105a2102b46844c

    Download Submit