Overview

overview

10

Static

static

10

WaspLoader...I2.dll

windows7-x64

1

WaspLoader...I2.dll

windows10-2004-x64

1

WaspLoader...er.exe

windows7-x64

10

WaspLoader...er.exe

windows10-2004-x64

10

WaspLoader...-c.exe

windows7-x64

5

WaspLoader...-c.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    03-09-2024 07:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WaspLoader/inject-c.exe

  • Size

    12.2MB

  • MD5

    e6333b1e880f784228ebba74fcb76a88

  • SHA1

    0ded82ee467b4012b45eef9878402f50b7be17c4

  • SHA256

    c40fe901f365043c08b3053830e4bef1b496dbec93e6ca33c891f58f14006aff

  • SHA512

    1c5bbd9b6cbd0418133186f5e977c7a66915ddd128e3a478acbc92042bcf8a3ee2b2f93ea23849caab1730a329adf96dfacb5d1d9453ccdd86266ddf8442fef6

  • SSDEEP

    196608:QDiIMDzDKVkcZun3LVFh/Nx/UDvFRCTLFLmYgpmrvtjlHL9r5R3nRn3Z6Hw2lLFO:Ui/DY0bpNxGULmwvBlHLxN32V5s

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\WaspLoader\inject-c.exe
    "C:\Users\Admin\AppData\Local\Temp\WaspLoader\inject-c.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1856-0-0x000000013FC48000-0x0000000140373000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/1856-3-0x0000000077CE0000-0x0000000077CE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-1-0x0000000077CE0000-0x0000000077CE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-5-0x0000000077CE0000-0x0000000077CE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-10-0x0000000077CF0000-0x0000000077CF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-12-0x000000013FC40000-0x0000000140FB2000-memory.dmp

    Filesize

    19.4MB

    Download

  • memory/1856-8-0x0000000077CF0000-0x0000000077CF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-6-0x0000000077CF0000-0x0000000077CF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1856-13-0x000000013FC40000-0x0000000140FB2000-memory.dmp

    Filesize

    19.4MB

    Download

  • memory/1856-14-0x000000013FC48000-0x0000000140373000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/1856-15-0x000000013FC40000-0x0000000140FB2000-memory.dmp

    Filesize

    19.4MB

    Download