Analysis

  • max time kernel
    140s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/10/2024, 13:05

General

  • Target

    HDD_Regenerator~/HDD_Regenerator_2011_DC_2013-05-08/HDD_Regenerator_2011_DC_2013-05-08/Crack/Patch.exe

  • Size

    61KB

  • MD5

    b0fa5a62281a2729acefa18d795131ce

  • SHA1

    b253c2ec3697a54d96c3f44df7e2b71627ea85b4

  • SHA256

    158e288d8103c415d6304b76267629aa3b911f5151b88df78efb93ba01738184

  • SHA512

    86bfac4995362257e8162cb064c83ede26ba7e1635e75fcb82b3833eaa667a258184db2dd7b590a5b0d57903901e6aef80e482f5a823ab9a92bd69bf68461b11

  • SSDEEP

    1536:sXEBqTLylUXWk4jZd53PUdgEnshchEFgVX2guM:sKcPXajtPUqEnsTC

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\HDD_Regenerator~\HDD_Regenerator_2011_DC_2013-05-08\HDD_Regenerator_2011_DC_2013-05-08\Crack\Patch.exe
    "C:\Users\Admin\AppData\Local\Temp\HDD_Regenerator~\HDD_Regenerator_2011_DC_2013-05-08\HDD_Regenerator_2011_DC_2013-05-08\Crack\Patch.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:2188

Network

MITRE ATT&CK Enterprise v15

Downloads

  • \Users\Admin\AppData\Local\Temp\bassmod.dll

    Filesize

    9KB

    MD5

    780d14604d49e3c634200c523def8351

    SHA1

    e208ef6f421d2260070a9222f1f918f1de0a8eeb

    SHA256

    844eb66a10b848d3a71a8c63c35f0a01550a46d2ff8503e2ca8947978b03b4d2

    SHA512

    a49c030f11da8f0cdc4205c86bec00653ec2f8899983cad9d7195fd23255439291aaec5a7e128e1a103efd93b8566e86f15af89eba4efebf9debce14a7a5564b

  • \Users\Admin\AppData\Local\Temp\dup2patcher.dll

    Filesize

    55KB

    MD5

    fd7f9cc97e7f81d228bb7d4602a69231

    SHA1

    559a442546e1002ed71794e3b9ba30ba5901e6b5

    SHA256

    e20063ddb0d23c6c0eb503b25b021a3da3fe13b469c99cb23a347181461056c8

    SHA512

    f577a376be1c9b01b9cf0179da48bc61add71a2903e80bb183b4961629161d7b404633ef683f41d21454cf60a692e3187f91249ac4a93925c82001119dd41b4f

  • memory/2188-3-0x0000000075220000-0x00000000752CE000-memory.dmp

    Filesize

    696KB

  • memory/2188-8-0x0000000075220000-0x00000000752CE000-memory.dmp

    Filesize

    696KB