fa3f7a4c1502f499a481b56f5e7c185876626e3d00110d84e09652f98b776aff

Submit
Reports

Overview

overview

Static

static

0811cf7c27...de.exe

windows7-x64

0811cf7c27...de.exe

windows10-2004-x64

0dd0b31f05...24.exe

windows7-x64

0dd0b31f05...24.exe

windows10-2004-x64

1ad888606f...e0.exe

windows7-x64

1ad888606f...e0.exe

windows10-2004-x64

1c77a07e45...95.exe

windows7-x64

1c77a07e45...95.exe

windows10-2004-x64

23f1c183af...bc.exe

windows7-x64

23f1c183af...bc.exe

windows10-2004-x64

38e891599d...90.exe

windows7-x64

38e891599d...90.exe

windows10-2004-x64

3a13e092e9...db.exe

windows7-x64

3a13e092e9...db.exe

windows10-2004-x64

3b9dabd99d...82.exe

windows7-x64

3b9dabd99d...82.exe

windows10-2004-x64

58fe9776f3...06.exe

windows7-x64

58fe9776f3...06.exe

windows10-2004-x64

5ab93bd422...11.exe

windows7-x64

5ab93bd422...11.exe

windows10-2004-x64

6b06c25fc6...43.exe

windows7-x64

6b06c25fc6...43.exe

windows10-2004-x64

6cc8001c9b...07.exe

windows7-x64

6cc8001c9b...07.exe

windows10-2004-x64

73ca5dd6d4...3f.exe

windows7-x64

73ca5dd6d4...3f.exe

windows10-2004-x64

7b931d48ea...f0.exe

windows7-x64

7b931d48ea...f0.exe

windows10-2004-x64

7d6892645b...0f.exe

windows7-x64

7d6892645b...0f.exe

windows10-2004-x64

9036aeb570...7e.exe

windows7-x64

9036aeb570...7e.exe

windows10-2004-x64

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
27-11-2024 09:49

Sharing

Copy URL

Twitter E-mail

Static task

static1

10 signatures

Behavioral task

behavioral1

Sample

0811cf7c2702af79720305f03bb4945d63bd4052d4d6df4aa4cf8e6418e5d9de.exe

Resource

win7-20240708-en

credential_access discovery ransomware spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

0811cf7c2702af79720305f03bb4945d63bd4052d4d6df4aa4cf8e6418e5d9de.exe

Resource

win10v2004-20241007-en

credential_access discovery ransomware spyware stealer

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral3

Sample

0dd0b31f05bd8036791494372275f393714ac18bae0f8d26a808387a0fcfe224.exe

Resource

win7-20240903-en

credential_access discovery spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

0dd0b31f05bd8036791494372275f393714ac18bae0f8d26a808387a0fcfe224.exe

Resource

win10v2004-20241007-en

credential_access discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

1ad888606f448d0d04c37ba11348b4c7d06f22b1cb3e8c217a21a5674bf29ce0.exe

Resource

win7-20240708-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

1ad888606f448d0d04c37ba11348b4c7d06f22b1cb3e8c217a21a5674bf29ce0.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

1c77a07e45b4f3e7f2b756c76df58a9d0f78785aa0f9e154074503398203c695.exe

Resource

win7-20240729-en

eternity defense_evasion discovery evasion execution impact ransomware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral8

Sample

1c77a07e45b4f3e7f2b756c76df58a9d0f78785aa0f9e154074503398203c695.exe

Resource

win10v2004-20241007-en

eternity discovery evasion

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral9

Sample

23f1c183af6a0322746465beeb83e79c30ba8f497cd52d60e2ed544bb7b39ebc.exe

Resource

win7-20240903-en

njrat hacked discovery evasion persistence privilege_escalation trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral10

Sample

23f1c183af6a0322746465beeb83e79c30ba8f497cd52d60e2ed544bb7b39ebc.exe

Resource

win10v2004-20241007-en

njrat discovery evasion persistence privilege_escalation trojan

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral11

Sample

38e891599dad5b84356bad13b154ef7e26bb07aa651809a00369e52a54adc890.exe

Resource

win7-20240903-en

gozi 3170 banker discovery isfb trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral12

Sample

38e891599dad5b84356bad13b154ef7e26bb07aa651809a00369e52a54adc890.exe

Resource

win10v2004-20241007-en

gozi 3170 banker discovery isfb trojan

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral13

Sample

3a13e092e9c857702ad930dbd32ff7e4819151b0eab88be26d0229d95a74b6db.exe

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

3a13e092e9c857702ad930dbd32ff7e4819151b0eab88be26d0229d95a74b6db.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

3b9dabd99dc58a5242616cb6d1d876bca3046119a9b150c7d7868bf02202ea82.exe

Resource

win7-20241010-en

discovery

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

3b9dabd99dc58a5242616cb6d1d876bca3046119a9b150c7d7868bf02202ea82.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

58fe9776f33628fd965d1bcc442ec8dc5bfae0c648dcaec400f6090633484806.exe

Resource

win7-20240903-en

maze credential_access defense_evasion discovery execution impact ransomware spyware stealer trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral18

Sample

58fe9776f33628fd965d1bcc442ec8dc5bfae0c648dcaec400f6090633484806.exe

Resource

win10v2004-20241007-en

maze credential_access defense_evasion discovery execution impact ransomware spyware stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral19

Sample

5ab93bd4225586706037be1870f84d4bd124b38df01f78de5648e3e0f30b8911.exe

Resource

win7-20240903-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

5ab93bd4225586706037be1870f84d4bd124b38df01f78de5648e3e0f30b8911.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

6b06c25fc6181adf110e8109550698897836b5c429fe9b013b2e51a3abc05343.exe

Resource

win7-20240708-en

guloader discovery downloader guloader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral22

Sample

6b06c25fc6181adf110e8109550698897836b5c429fe9b013b2e51a3abc05343.exe

Resource

win10v2004-20241007-en

guloader discovery downloader guloader

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral23

Sample

6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207.exe

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

73ca5dd6d49b4c296ee1304aaac2e5fde01156800b538354fd27366df5b9323f.exe

Resource

win7-20241010-en

discovery execution

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral26

Sample

73ca5dd6d49b4c296ee1304aaac2e5fde01156800b538354fd27366df5b9323f.exe

Resource

win10v2004-20241007-en

discovery execution

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral27

Sample

7b931d48eafa703a99ca7f104daf9a7343b6f1161d49073b86f5a4700864d3f0.exe

Resource

win7-20240903-en

crimsonrat rat

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral28

Sample

7b931d48eafa703a99ca7f104daf9a7343b6f1161d49073b86f5a4700864d3f0.exe

Resource

win10v2004-20241007-en

crimsonrat rat

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral29

Sample

7d6892645bc5ba581b2fff986b3e9371dd7298bab6aac890c99f80c8b1d78f0f.exe

Resource

win7-20240708-en

blacknet hacked persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral30

Sample

7d6892645bc5ba581b2fff986b3e9371dd7298bab6aac890c99f80c8b1d78f0f.exe

Resource

win10v2004-20241007-en

blacknet persistence trojan

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral31

Sample

9036aeb570b22497c0f937e7edcef624800426011f0193a2b78c7f124e3a4c7e.exe

Resource

win7-20241010-en

discovery

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

9036aeb570b22497c0f937e7edcef624800426011f0193a2b78c7f124e3a4c7e.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207.exe
Size

156KB
MD5

693701db23a12f69c6f8a47fde7e8ada
SHA1

c72997afaf96010c2ba2a53631395fc355ffc252
SHA256

6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207
SHA512

09471a5757098227780f6c8a9ca61cb4cf7f33c97858855f35332699e85e8c576e63630f98927887c61554cbb2ac94f91013b2c7fb7f5eae64709393eaefa2dd
SSDEEP

1536:s4plMDQqy8HvtyzXJCUJ1he3mDL0ZiZpBJ1fi/dPUZJ/CeXgiD3W38QsGK7MlZcw:LpmDRXvtMJCU7DzpBhJZMIB7aOQj

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207.exe
"C:\Users\Admin\AppData\Local\Temp\6cc8001c9b61f55dc390743a9a6adfe2de01efd983f68599b288d39d3bfb7207.exe"
1⤵
PID:2716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2716-0-0x000007FEF5D33000-0x000007FEF5D34000-memory.dmp

Filesize
4KB

Download
memory/2716-1-0x000000013F870000-0x000000013F894000-memory.dmp

Filesize
144KB

Download