Overview

overview

7

Static

static

7

MEGAsyncSetup64.exe

windows7-x64

7

MEGAsyncSetup64.exe

windows10-2004-x64

4

MEGAsync.exe

windows7-x64

3

MEGAsync.exe

windows10-2004-x64

1

MEGAupdater.exe

windows7-x64

1

MEGAupdater.exe

windows10-2004-x64

1

Qt/labs/fo...in.dll

windows7-x64

1

Qt/labs/fo...in.dll

windows10-2004-x64

1

Qt/labs/se...in.dll

windows7-x64

1

Qt/labs/se...in.dll

windows10-2004-x64

1

Qt5Core.dll

windows7-x64

1

Qt5Core.dll

windows10-2004-x64

1

Qt5Gui.dll

windows7-x64

1

Qt5Gui.dll

windows10-2004-x64

1

Qt5Network.dll

windows7-x64

1

Qt5Network.dll

windows10-2004-x64

1

Qt5Qml.dll

windows7-x64

1

Qt5Qml.dll

windows10-2004-x64

1

Qt5QmlModels.dll

windows7-x64

1

Qt5QmlModels.dll

windows10-2004-x64

1

Qt5QmlWork...pt.dll

windows7-x64

1

Qt5QmlWork...pt.dll

windows10-2004-x64

1

Qt5Quick.dll

windows7-x64

1

Qt5Quick.dll

windows10-2004-x64

1

Qt5QuickControls2.dll

windows7-x64

1

Qt5QuickControls2.dll

windows10-2004-x64

1

Qt5QuickTe...s2.dll

windows7-x64

1

Qt5QuickTe...s2.dll

windows10-2004-x64

1

Qt5Svg.dll

windows7-x64

1

Qt5Svg.dll

windows10-2004-x64

1

Qt5Widgets.dll

windows7-x64

1

Qt5Widgets.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-11-2024 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MEGAsync.exe

  • Size

    73.4MB

  • MD5

    6336015b6d228b6c96acf2399529b1b0

  • SHA1

    99a7633366b448e47dd5efaa78a24db611d541c4

  • SHA256

    06223d2aa372208b8fab2c5d70651f29b90d6bc18e83b9e3225e97367dc0acc2

  • SHA512

    ab46bb40bb0088da45fe22df72cff8c3f7c0a03ae561a22a700aedc6aa1e4657bb8bfc92acf267461185f77e4e19096e91554ed274ebe282ecd0013805bf239b

  • SSDEEP

    786432:4U9PW1PztyRdnVtztBpTaf1lW03V+cAPzP9gmX3dYc2uzPBWO:4YNFVt1TafX3VMKcdYcVWO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MEGAsync.exe
    "C:\Users\Admin\AppData\Local\Temp\MEGAsync.exe"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Mega Limited\MEGAsync\MEGAsync.cfg
    Filesize

    761B

    MD5

    c5854ee3621dd99f4e737de80a6ebdee

    SHA1

    ad4152420865fe0f37e4e97bd9545dab5a4b3ccd

    SHA256

    73c5eb36bb8a80b8262aeeab2b3d72e739bb8594ebf0a97360311f68204a3396

    SHA512

    1fad276d12b6308626d0501169391af0e46aed077e89083030f1f5d2cae0c978c5996dfb9b3cd7c17166e6be47112f869aabf00d75959ad8b83353096960eb93

    Download Submit

  • memory/4648-0-0x00007FF8E4550000-0x00007FF8E4952000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4648-1-0x00007FF8E3A10000-0x00007FF8E3F5D000-memory.dmp

    Filesize

    5.3MB

    Download

  • memory/4648-2-0x00007FF746690000-0x00007FF74B37F000-memory.dmp

    Filesize

    76.9MB

    Download

  • memory/4648-6-0x000002C8F4B40000-0x000002C8F4D42000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4648-4-0x000002C8F46F0000-0x000002C8F4B32000-memory.dmp

    Filesize

    4.3MB

    Download