Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    18-10-2024 22:36

General

  • Target

    Adobe-GenP-2.7.exe

  • Size

    1.3MB

  • MD5

    6467e9dd5d86c741aed49060e6d3fcd2

  • SHA1

    a3c784836d993cc2cd9a9087a23559fa05567d02

  • SHA256

    7b8d9ff34315e1787cdb62e682b3ba8dedd9f28d7cd374afe057babaf335edd4

  • SHA512

    9f3b46f4b4c2839e2cd6c6ca2fb2b859af0e22a9c8276b26b32c83ca5f9d95c3cefb44cd82dc78cbe427de04e92e86ceface836f45c3263a8a5a1ca7c1dc48e7

  • SSDEEP

    24576:fRaZROMOm8FN7TjsPnzt2heeRhQbJEOeamXHeqtGHXR0LSeIU6:5kxOm+7TjsPnztyDMmaSHeqtyX8Sg

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Adobe-GenP-2.7.exe
    "C:\Users\Admin\AppData\Local\Temp\Adobe-GenP-2.7.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2252

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2252-0-0x0000000000B70000-0x0000000000B71000-memory.dmp

    Filesize

    4KB

  • memory/2252-1-0x0000000000B70000-0x0000000000B71000-memory.dmp

    Filesize

    4KB