Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19-12-2024 17:38
General
-
Target
91DP.exe
-
Size
38.8MB
-
MD5
5338e376c1424fa35cc28c6a4ad332d8
-
SHA1
3c6ece7f5af5e900b73622ab2a5cd0b096308f77
-
SHA256
fc4843faa54782b623e6dd7df05342f1b3c5103f12b785a302d3e3d8c70fcaee
-
SHA512
1154d0f3c578ddb031531ed7e63b9fa2f8b8842ca2d1eb5ef6268710c0ed375fa8a4f263da11bf612b9dba453d377e8f7f418448cfff3cb8d7d8d2ddfde0850d
-
SSDEEP
786432:gBYRlGWWXZjqEscZKiwi/CH1V+mhIHG7yGy6zFNto9Qs0FrIv:gBkgWWXu0KiwiaVTWh8zto1KMv
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\91DP.exe"C:\Users\Admin\AppData\Local\Temp\91DP.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\onefile_2900_133791035116490000\Stub.exeC:\Users\Admin\AppData\Local\Temp\91DP.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.3MB
MD5e4533934b37e688106beac6c5919281e
SHA1ada39f10ef0bbdcf05822f4260e43d53367b0017
SHA2562bf761bae584ba67d9a41507b45ebd41ab6ae51755b1782496d0bc60cc1d41d5
SHA512fa681a48ddd81854c9907026d4f36b008e509729f1d9a18a621f1d86cd1176c1a1ff4f814974306fa4d9e3886e2ce112a4f79b66713e1401f5dae4bcd8b898b9