Overview

overview

7

Static

static

7

fc890a53ba...18.exe

windows7-x64

7

fc890a53ba...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

ConfigHorror.exe

windows7-x64

5

ConfigHorror.exe

windows10-2004-x64

5

DTDJ_1.exe

windows7-x64

3

DTDJ_1.exe

windows10-2004-x64

3

Horrorween.exe

windows7-x64

5

Horrorween.exe

windows10-2004-x64

5

SDL.dll

windows7-x64

3

SDL.dll

windows10-2004-x64

3

SDL_image.dll

windows7-x64

5

SDL_image.dll

windows10-2004-x64

5

SDL_net.dll

windows7-x64

3

SDL_net.dll

windows10-2004-x64

3

fmod.dll

windows7-x64

5

fmod.dll

windows10-2004-x64

5

jpeg.dll

windows7-x64

5

jpeg.dll

windows10-2004-x64

5

libpng1.dll

windows7-x64

5

libpng1.dll

windows10-2004-x64

5

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

wrapper.dll

windows7-x64

5

wrapper.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240910-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/09/2024, 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ConfigHorror.exe

  • Size

    215KB

  • MD5

    fe379e4250a7139452081b53f628a58c

  • SHA1

    cd78e41303e4d694f837cf026d9c737873fbeedd

  • SHA256

    2f768f6f249bd3730b18f0e45e44f9c3c9b02f99c03e1464f4465970135332d5

  • SHA512

    f432535fe9845cc9d8fc2ec916e0ab9bd1b9c2380dd09cfe93843716d1f14c540aaab48e5249c69344dbef46aba4e8b9246e9832a1efc4572e6b259374e2520b

  • SSDEEP

    6144:B2/VJZmVEPqrIcKsEf7UftHkbMUE6zo/Af:GJoVIAEfYWK8sA

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\ConfigHorror.exe
    "C:\Users\Admin\AppData\Local\Temp\ConfigHorror.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3552-0-0x0000000000400000-0x0000000000488000-memory.dmp

    Filesize

    544KB

    Download

  • memory/3552-1-0x0000000002330000-0x0000000002331000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3552-2-0x0000000000400000-0x0000000000488000-memory.dmp

    Filesize

    544KB

    Download

  • memory/3552-4-0x0000000002330000-0x0000000002331000-memory.dmp

    Filesize

    4KB

    Download