Analysis

  • max time kernel
    3s
  • max time network
    17s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13/10/2024, 21:34

General

  • Target

    LDPlayer9_ens_com.devsisters.ck_55266239_ld.exe

  • Size

    2.5MB

  • MD5

    9855e448af8561fc920d69a7b45a309b

  • SHA1

    9ceb185e61fde58d6db6e3c4e2e7932ca53ce712

  • SHA256

    aebbda8979b54ca3094e835ec7bffb08aca6c79480675d46bc5df75d9750a583

  • SHA512

    a37495c629c9fd636702f1e1479b0ffd8c7b921cc914a7208478d2b9c348149634bd7736ed41d6627902e8b8e5d5316dbeb3d5783b93574a48b7fb1786fc6d6c

  • SSDEEP

    49152:XNfatughHaKLIKN1cueXlaYbsISTb/am5B8y6sEUhSSwoUKd:Xla4ghHaKMu2IYbsIW/amj8yF8SN

Score
6/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Enumerates connected drives (3 TTPs, 1 IoC)

    Attempts to read the root path of hard drives other than the default C: drive.

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: EnumeratesProcesses (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ens_com.devsisters.ck_55266239_ld.exe
    "C:\Users\Admin\AppData\Local\Temp\LDPlayer9_ens_com.devsisters.ck_55266239_ld.exe"
    • Enumerates connected drives
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:1600

Network

MITRE ATT&CK Enterprise v15

Downloads