Overview

overview

3

Static

static

3

9384da648c...e3.exe

windows7-x64

3

9384da648c...e3.exe

windows10-2004-x64

3

$0/PotLV64.exe

windows7-x64

1

$0/PotLV64.exe

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDIR/nxs.dll

windows7-x64

3

$PLUGINSDIR/nxs.dll

windows10-2004-x64

3

KillPot64.exe

windows7-x64

1

KillPot64.exe

windows10-2004-x64

1

PotIcons64.dll

windows7-x64

1

PotIcons64.dll

windows10-2004-x64

1

PotPlayerMini64.exe

windows7-x64

1

PotPlayerMini64.exe

windows10-2004-x64

1

ffcodec64.dll

windows7-x64

1

ffcodec64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-12-2024 14:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    KillPot64.exe

  • Size

    89KB

  • MD5

    67b4df7a6fb5e6b59012926177586732

  • SHA1

    fdb725af9ac8daddb8a718e541db6d6718b3b301

  • SHA256

    00a1067fc96eb2c1d440bb5b44b32f43b9900fdd3a65c985d65a63b8f1535ef5

  • SHA512

    f1ff7d14ee13cda94412b4d66277a5315c557e66678c6e1b6a2ed357d9d4868732e9aa383c38db0f561abbab6c4fbe0b2b0c5347c6a38010a5064d6e32284d3e

  • SSDEEP

    1536:48d6OORYdcD9PjCX0Mr9TW/6gusWgSdc9dl9Xcg7/VG:48d6KM9PGkMr9k604UPD7NG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\KillPot64.exe
    "C:\Users\Admin\AppData\Local\Temp\KillPot64.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads