30d2e5fd788a990ddfe0287090c8c23d260ab642b4826888d50b24bb31eb2dee

General

Target

TheAltening.exe
Size

120.8MB
MD5

29689fef5edf0357ca6a07dffc7a71ea
SHA1

8855b2d203833744323bd7b0cc7a8894998607d7
SHA256

31c4ab99ebb574c221aa795161b959fed11a0e6908bf64385944873f293c5253
SHA512

6c90ab9c0aecaffd966a722f290e5c9cc83b51b3da54bc247275debeecc8d8a028b2f9e4bcd182b832e1af1057de5c0d38b815f23e1a6716e76025d0a371bdd0
SSDEEP

786432:uQ/HMKcIK3l8vVwEgNRajudstuB+chCkZ9xKX65/wfejMVJu:T/vvKepgmq2tuB+chCE9EQ1

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 5 IoCs

pid	Process
1076	TheAltening.exe
1076	TheAltening.exe
1076	TheAltening.exe
1076	TheAltening.exe
1076	TheAltening.exe

C:\Users\Admin\AppData\Local\Temp\TheAltening.exe
"C:\Users\Admin\AppData\Local\Temp\TheAltening.exe"
1⤵
- Loads dropped DLL
PID:1076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\.net\TheAltening\hOHr51s9Bz0M1wb5lZYsR6q9KnUsh1I=\D3DCompiler_47_cor3.dll

Filesize
4.7MB

MD5
c4974c924b605bd322c4872d72de90d1

SHA1
20df9433eab24d3291696046646f493794b77cba

SHA256
71d766b4742ca9f7422bb2efc3dc03f2cee509a5a43d241e748cda7aaac24bf4

SHA512
3889648dbb4608ece9c68f1cd5b1601da5b795eade7910764dd4769090cdb209a39acf3986e6e7190745f3bc6b1477a52dfaccb96a7e799eafc0825e2c44a846

Download Submit
\Users\Admin\AppData\Local\Temp\.net\TheAltening\hOHr51s9Bz0M1wb5lZYsR6q9KnUsh1I=\PresentationNative_cor3.dll

Filesize
1.2MB

MD5
8e874bb782193fa45d027254e7d03244

SHA1
024ccc78d1d23050164e8cfdf141c921f42e0c74

SHA256
f75f98fbbb02dad69bcd8c69ec26eb3705dbd95dad996b58308b50e6c9904246

SHA512
3f3b0f93e5600c0671688317ee00d7a88411b80b7c4aa383d274af318782a66665409a528d484409bfe598c309ed54480c86a4d4e109dee5265351d5902d0c56

Download Submit
\Users\Admin\AppData\Local\Temp\.net\TheAltening\hOHr51s9Bz0M1wb5lZYsR6q9KnUsh1I=\clrjit.dll

Filesize
1.2MB

MD5
b2eb7b51bd58201cf498e83846e90110

SHA1
ca439759b5c5162e626d2b84ab55b93adc552e06

SHA256
180557694842854789457a872df849b2130098a9c2bfd70d201f77bec6f9fddb

SHA512
1a92064b3417b287246fadd88fea9138dfcc659283e063aab9305e424feac0d1b2c216be5f65ce7a95f0322ab3849478892ae407399aa6029a504c4c8a5884da

Download Submit
\Users\Admin\AppData\Local\Temp\.net\TheAltening\hOHr51s9Bz0M1wb5lZYsR6q9KnUsh1I=\coreclr.dll

Filesize
5.0MB

MD5
1c434dc8cb09095640c776385ba69691

SHA1
97fe8e25bebfb7d790768175a4625d07f3d4abfd

SHA256
3b3558c408c57be332c9595624f6d49413fe0dd43d3d5fa4626041851f77216a

SHA512
4bdb7c0e8571422927fbc8eec6d05959915748acce035fef336b32381922a0a54f029f959fb66cb96a89a024c11e2b94ee6948f618dd04d9ae87cc83f3f83ec8

Download Submit
\Users\Admin\AppData\Local\Temp\.net\TheAltening\hOHr51s9Bz0M1wb5lZYsR6q9KnUsh1I=\wpfgfx_cor3.dll

Filesize
1.9MB

MD5
0c0be30d77de3f65e1c990b7d99143da

SHA1
fd9a4e456f56308d5bed48e7049de64e88a73833

SHA256
12a8b75ceecb6c5ce8ce81ad064aaf2bcb09d6338e5e03a7eddc57acd58e2a7d

SHA512
9a2a6acad9b21c3f093d4d72289f32ca6ebaee304c9a9e3ec9319558919452c3b2f23ea5e72c06c9af7a2a1ded0ce266e45f4fb9113d2bb3897320fcbdf7ebad

Download Submit
memory/1076-51-0x0000000003040000-0x0000000003084000-memory.dmp

Filesize
272KB

Download
memory/1076-15-0x000007FEF616A000-0x000007FEF616B000-memory.dmp

Filesize
4KB

Download
memory/1076-24-0x00000000004C0000-0x00000000004CA000-memory.dmp

Filesize
40KB

Download
memory/1076-29-0x00000644A0060000-0x00000644A00A5000-memory.dmp

Filesize
276KB

Download
memory/1076-32-0x0000000080360000-0x0000000080BA1000-memory.dmp

Filesize
8.3MB

Download
memory/1076-38-0x0000000000560000-0x0000000000564000-memory.dmp

Filesize
16KB

Download
memory/1076-40-0x0000000001D80000-0x0000000001D84000-memory.dmp

Filesize
16KB

Download
memory/1076-19-0x00000001805C0000-0x0000000181517000-memory.dmp

Filesize
15.3MB

Download
memory/1076-35-0x0000000180050000-0x00000001800CA000-memory.dmp

Filesize
488KB

Download
memory/1076-45-0x00000644A00E0000-0x00000644A01CD000-memory.dmp

Filesize
948KB

Download
memory/1076-48-0x00000644A0020000-0x00000644A0032000-memory.dmp

Filesize
72KB

Download
memory/1076-21-0x0000000180110000-0x0000000180329000-memory.dmp

Filesize
2.1MB

Download
memory/1076-54-0x00000644A0040000-0x00000644A005D000-memory.dmp

Filesize
116KB

Download
memory/1076-26-0x0000000002DD0000-0x0000000002F2B000-memory.dmp

Filesize
1.4MB

Download
memory/1076-12-0x000006448A000000-0x000006448A8F5000-memory.dmp

Filesize
9.0MB

Download
memory/1076-62-0x00000000055C0000-0x0000000005722000-memory.dmp

Filesize
1.4MB

Download
memory/1076-65-0x00000000043F0000-0x0000000004422000-memory.dmp

Filesize
200KB

Download
memory/1076-69-0x0000000004480000-0x000000000448A000-memory.dmp

Filesize
40KB

Download
memory/1076-68-0x0000000004480000-0x000000000448A000-memory.dmp

Filesize
40KB

Download
memory/1076-70-0x0000000004530000-0x00000000045A0000-memory.dmp

Filesize
448KB

Download
memory/1076-73-0x0000000180010000-0x000000018001D000-memory.dmp

Filesize
52KB

Download
memory/1076-76-0x0000000004B70000-0x0000000004BE1000-memory.dmp

Filesize
452KB

Download
memory/1076-79-0x000007FEF6020000-0x000007FEF652F000-memory.dmp

Filesize
5.1MB

Download
memory/1076-80-0x000007FEF6020000-0x000007FEF652F000-memory.dmp

Filesize
5.1MB

Download
memory/1076-81-0x0000000004480000-0x000000000448A000-memory.dmp

Filesize
40KB

Download
memory/1076-82-0x000007FEF6020000-0x000007FEF652F000-memory.dmp

Filesize
5.1MB

Download
memory/1076-83-0x000007FEF6020000-0x000007FEF652F000-memory.dmp

Filesize
5.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads