Overview

overview

7

Static

static

3

4bdaf7dc7d...53.exe

windows7-x64

7

4bdaf7dc7d...53.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-09-2024 21:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4bdaf7dc7d6d45c059ddccdfc51aef9556321f475e394a21afcce928dc136353.exe

  • Size

    50KB

  • MD5

    19efa316b191023aba20c55c1e6d1a5f

  • SHA1

    9ec90656863d1c065cd4ae55132173d514e64bc4

  • SHA256

    4bdaf7dc7d6d45c059ddccdfc51aef9556321f475e394a21afcce928dc136353

  • SHA512

    eca1fbdca7e6dcbdc54029cd120b2230dfc8e2882692066efb79790ca50ca1f0cd698220fa4d444b3377a875ecc7b909bd5fc0ac232997c2acb7c627b7905e38

  • SSDEEP

    768:mGG1h79vhhvBg13XySwJNsBoxzN293Q9bwBY96tx7T30FnE4Tjk1YPx3j:QxBk3yJZqOwPEBzToyPFj

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\4bdaf7dc7d6d45c059ddccdfc51aef9556321f475e394a21afcce928dc136353.exe
    "C:\Users\Admin\AppData\Local\Temp\4bdaf7dc7d6d45c059ddccdfc51aef9556321f475e394a21afcce928dc136353.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:2124

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\bassmod.dll
    Filesize

    9KB

    MD5

    780d14604d49e3c634200c523def8351

    SHA1

    e208ef6f421d2260070a9222f1f918f1de0a8eeb

    SHA256

    844eb66a10b848d3a71a8c63c35f0a01550a46d2ff8503e2ca8947978b03b4d2

    SHA512

    a49c030f11da8f0cdc4205c86bec00653ec2f8899983cad9d7195fd23255439291aaec5a7e128e1a103efd93b8566e86f15af89eba4efebf9debce14a7a5564b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\dup2patcher.dll
    Filesize

    33KB

    MD5

    1c4517770db13b2510c15950c608ee3b

    SHA1

    0c47f216a1e7b7a8ae78367e8a7a91c1806c528a

    SHA256

    412148ea121ac2cab0aa9256884a42057736112fff283eacc956540f4ff85d92

    SHA512

    1a7d97856de176252b96a44a8cdbdf1c93f54a3a679c112dc2bd30f2b1b751f2af12f3f13ca9befd379fbe0e8c9075e03ff267d9aae0924a1057ffec73e37498

    Download Submit

  • memory/2124-3-0x0000000075220000-0x0000000075260000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2124-7-0x0000000075220000-0x0000000075260000-memory.dmp

    Filesize

    256KB

    Download