Malware Analysis Report

2025-03-15 04:35

Sample ID 241027-1zxd8athrj
Target OperaGXSetup.exe
SHA256 65dbe0108727614fc1b82475e8fa0c171added385b1ec831e9cdc0c4af9d741a
Tags discovery
Score 7/10

Table of Contents

Analysis Overview
MITRE ATT&CK
  Enterprise Matrix V15
Analysis: static1
  Detonation Overview
  Signatures
Analysis: behavioral1
  Detonation Overview
  Command Line
  Signatures
  Processes
  Network
  Files

Analysis Overview

Score 7/10

SHA256 65dbe0108727614fc1b82475e8fa0c171added385b1ec831e9cdc0c4af9d741a

Threat Level: Shows suspicious behavior

OperaGXSetup.exe is an unsigned installer that writes a second executable to a temporary directory, launches it, and reads the system language from the registry. The sandbox rates this as suspicious (7/10) rather than confirmed malicious; no network activity was observed during the run. Because the legitimate behaviour of a software installer looks much the same, the absence of a code signature is the signal that most warrants a follow-up check of the file's hash against the vendor's published download.

Malicious Activity Summary

discovery

Executes dropped EXE

Unsigned PE

System Location Discovery: System Language Discovery

MITRE ATT&CK

Enterprise Matrix V15

Discovery: System Location Discovery: System Language Discovery (T1614.001), triggered by the NLS\Language registry read recorded in behavioral1.

Analysis: static1

Detonation Overview

Reported 2024-10-27 22:05

Signatures

Unsigned PE

Description: N/A
Indicator: N/A
Process: N/A
Target: N/A

This signature is a static property of the submitted file (no Authenticode certificate table in the PE), so no runtime process or indicator is attached to it.
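The "Unsigned PE" signature fires when the executable carries no Authenticode certificate table. As an added illustration that is not part of the sandbox output, the following Python script locates that table the way a loader does (DOS header, PE signature, COFF header, optional header, data directory entry 4) and reports whether a WIN_CERTIFICATE structure is present. It builds its own constructed, non-loadable PE headers for testing; all function and constant names are this example's own. Presence of the table is not validity: a real verdict still requires checking the PKCS#7 signature and certificate chain (for example with signtool or osslsigncode).

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # data directory slot for Authenticode
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or None if absent.

    Unlike other data directories, the first field of entry 4 is a raw file
    offset rather than an RVA, so no section mapping is needed.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        num_dirs_off, dirs_off = 92, 96
    elif magic == PE32PLUS_MAGIC:
        num_dirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, opt + num_dirs_off)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None                        # header declares too few directories
    entry = opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + size_of_optional or entry + 8 > len(data):
        return None                        # entry lies outside the optional header
    off, size = struct.unpack_from("<II", data, entry)
    if off == 0 or size == 0:
        return None
    return off, size


def has_authenticode_blob(data: bytes) -> bool:
    """True if a WIN_CERTIFICATE table is present and lies within the file.

    This checks presence and framing only; it does not verify the signature.
    """
    sec = security_directory(data)
    if sec is None:
        return False
    off, size = sec
    if size < 8 or off + size > len(data):
        return False                       # points outside the file: treat as unsigned
    length, revision, cert_type = struct.unpack_from("<IHH", data, off)
    return (length <= size and revision == WIN_CERT_REVISION_2_0
            and cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA)


def build_pe(signed: bool, pe32plus: bool = False) -> bytes:
    """Constructed PE header (headers only, not loadable) used to exercise the parser."""
    opt_size = 0xF0 if pe32plus else 0xE0
    magic = PE32PLUS_MAGIC if pe32plus else PE32_MAGIC
    num_dirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<I", opt, num_dirs_off, 16)                 # NumberOfRvaAndSizes
    headers_len = len(dos) + 4 + len(coff) + opt_size
    cert = b""
    if signed:
        body = b"\x30\x82\x00\x00"   # stand-in for a DER PKCS#7 blob (constructed)
        cert = struct.pack("<IHH", 8 + len(body), WIN_CERT_REVISION_2_0,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        struct.pack_into("<II", opt, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         headers_len, len(cert))
    return dos + b"PE\0\0" + coff + bytes(opt) + cert


if __name__ == "__main__":
    # Usage: python check_authenticode.py <file.exe>
    with open(sys.argv[1], "rb") as fh:
        blob = fh.read()
    print("signature table present" if has_authenticode_blob(blob) else "Unsigned PE")
```

Running it over the self-built headers shows the three cases a triage analyst meets: a file with a certificate table, one with an empty directory entry, and one whose table has been truncated off the end (which the checker also reports as unsigned rather than trusting the header).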

Analysis: behavioral1

Detonation Overview

Submitted 2024-10-27 22:05
Reported 2024-10-27 22:06
Platform win7-20240903-en
Max time kernel 15s
Max time network 16s

Command Line

"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"

Signatures

Executes dropped EXE

Description: N/A
Indicator: N/A
Process: C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe
Target: N/A

System Location Discovery: System Language Discovery

Tags discovery
Description: N/A
Indicator: Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe
Target: N/A

Processes

C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe

"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe --server-tracking-blob=…
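The two behavioural signatures above are simple correlations over the event stream: a process-create whose image was written earlier in the run ("Executes dropped EXE"), and a registry open of the NLS\Language key ("System Language Discovery"). As an added example that is not part of the sandbox's own detection logic, the following Python replays a constructed event list modelled on this run and emits both hits. The event schema, the 7zS<hex> staging-directory heuristic and the control event are this example's assumptions.

```python
import re
from dataclasses import dataclass


@dataclass
class Event:
    """Constructed event record; field names are this example's, not the sandbox's."""
    kind: str          # "process_create", "file_write" or "reg_open"
    pid: int
    image: str         # image path of the acting process
    target: str = ""   # written file or opened registry key
    parent_pid: int = 0


# Key read for locale detection; ATT&CK T1614.001 when seen from a dropper.
NLS_LANGUAGE_KEY = re.compile(
    r"\\(ControlSet\d{3}|CurrentControlSet)\\Control\\NLS\\Language$", re.I)
# Heuristic (assumption): %TEMP%\7zS<hex>\ is the layout of a 7-Zip SFX extraction.
SFX_STAGING_DIR = re.compile(r"\\AppData\\Local\\Temp\\7zS[0-9A-F]+\\", re.I)


def detect(events):
    """Replay events in order; return (signature, acting process, detail) hits."""
    dropped = {}   # lower-cased path of a written .exe -> pid that wrote it
    hits = []
    for ev in events:
        if ev.kind == "file_write" and ev.target.lower().endswith(".exe"):
            dropped[ev.target.lower()] = ev.pid
        elif ev.kind == "process_create":
            writer = dropped.get(ev.image.lower())
            if writer is None:
                continue                   # not something we saw being written
            if ev.parent_pid == writer:
                how = "launched by the dropper"
            else:
                how = "launched by pid %d, written by pid %d" % (ev.parent_pid, writer)
            if SFX_STAGING_DIR.search(ev.image):
                how += "; path matches a 7-Zip SFX extraction directory"
            hits.append(("Executes dropped EXE", ev.image, how))
        elif ev.kind == "reg_open" and NLS_LANGUAGE_KEY.search(ev.target):
            hits.append(("System Location Discovery: System Language Discovery",
                         ev.image, "opened " + ev.target))
    return hits


# Constructed events mirroring the behavioral1 run (pids are invented).
T = r"C:\Users\Admin\AppData\Local\Temp"
SAMPLE_EVENTS = [
    Event("process_create", 1234, T + r"\OperaGXSetup.exe", parent_pid=800),
    Event("reg_open", 1234, T + r"\OperaGXSetup.exe",
          target=r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    Event("file_write", 1234, T + r"\OperaGXSetup.exe",
          target=T + r"\7zSC096D866\setup.exe"),
    Event("process_create", 1300, T + r"\7zSC096D866\setup.exe", parent_pid=1234),
    # control: a process that was never dropped and reads no NLS key
    Event("process_create", 1400, r"C:\Windows\System32\notepad.exe", parent_pid=800),
]

if __name__ == "__main__":
    for sig, proc, detail in detect(SAMPLE_EVENTS):
        print("%s | %s | %s" % (sig, proc, detail))
```

The language-key read on its own is weak evidence, since legitimate installers perform the same lookup to pick a UI locale; it contributes to the score only in combination with the unsigned binary and the drop-and-execute chain. The correlation also only works when the file write precedes the process create in the recorded stream, which is why the control event and a standalone process-create produce no hit.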

Network

None observed within the 16 s network window.

Files

C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe

MD5 b4da1657d31832c9965d54c5037a3402
SHA1 c312863d621b0b5ec9ec930b1db73de3c95f7141
SHA256 563fcd4ca2678ddb6c1366c92aa4daa410d7eba73d68d9336fb967f732770c8d
SHA512 643d2ec57767443e0efcc580a0e5abe062375f34b936daa22aa24e20d837b84854de18f636dc0ca5d100b4309a456746d733a65f8d1ccb173fe590ab5bf99007