Overview

overview

10

Static

static

10

2a58deb886...91.exe

windows7-x64

7

2a58deb886...91.exe

windows10-2004-x64

7

2a8a0bca04...56.exe

windows7-x64

1

2a8a0bca04...56.exe

windows10-2004-x64

1

2a9ffe006a...34.exe

windows7-x64

10

2a9ffe006a...34.exe

windows10-2004-x64

10

2ab11ad915...2a.exe

windows7-x64

8

2ab11ad915...2a.exe

windows10-2004-x64

8

2ac1621a2b...d2.exe

windows7-x64

7

2ac1621a2b...d2.exe

windows10-2004-x64

7

2b3308a415...7b.exe

windows7-x64

7

2b3308a415...7b.exe

windows10-2004-x64

7

2b3fba9224...50.exe

windows7-x64

10

2b3fba9224...50.exe

windows10-2004-x64

10

2b820e3de5...95.exe

windows7-x64

7

2b820e3de5...95.exe

windows10-2004-x64

7

2b9233e0b0...ed.exe

windows7-x64

7

2b9233e0b0...ed.exe

windows10-2004-x64

7

2bb7c2979e...c6.exe

windows7-x64

10

2bb7c2979e...c6.exe

windows10-2004-x64

8

2bcc16cd37...1b.exe

windows7-x64

7

2bcc16cd37...1b.exe

windows10-2004-x64

7

2bf6115ff0...e6.exe

windows7-x64

10

2bf6115ff0...e6.exe

windows10-2004-x64

10

2bfb9d98d1...aa.exe

windows7-x64

3

2bfb9d98d1...aa.exe

windows10-2004-x64

3

2c1bb67a63...62.exe

windows7-x64

10

2c1bb67a63...62.exe

windows10-2004-x64

10

2c878e31ca...a9.exe

windows7-x64

9

2c878e31ca...a9.exe

windows10-2004-x64

9

2ccb525855...c9.exe

windows7-x64

1

2ccb525855...c9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    22/03/2025, 06:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b820e3de58782883087f0783d484f95.exe

  • Size

    6.5MB

  • MD5

    2b820e3de58782883087f0783d484f95

  • SHA1

    b5a4c93813e01b10f948cd46e83ae16c64299284

  • SHA256

    b5eaf05525428e4f6db4343e9070a7afefb91694926e3c75b7b0ec0d16cf57c8

  • SHA512

    f48ad7fae5b3c453dd6e7a291836376865e690b20bca38e6465832dd6c5d7aa568f655939e4f3f530eec4285bf01b23e7acec72c52a691fd31d92e3b05bce984

  • SSDEEP

    98304:0VgvtU3ioYGQlAkxpP2vrXGwy6T4ng5WbkTYFnZ2+mPjcElY5ZubP+uvq:0T2GIAkxpuvrXGwygzEFQ+pEl0Zuj

Score
7/10
agilenet

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Obfuscated with Agile.Net obfuscator 4 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b820e3de58782883087f0783d484f95.exe
    "C:\Users\Admin\AppData\Local\Temp\2b820e3de58782883087f0783d484f95.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Bass.Net.dll
    Filesize

    632KB

    MD5

    ddc305fca2a8d80523ad8bc50996480b

    SHA1

    7bee723b565267aa355ad9f7f5cf17c74f2cce1f

    SHA256

    af9e46b70c7739547739ddfcdd56b7b218b5bda6e14c49bed3bbc08c2b867216

    SHA512

    acf2064d1b59d73cc5086f9a8c26a5e1fb7e7909e5460d3427d7681ee36709a568146000bbea9464fb173df474c58bda4f87bbbb759ea06ed2fd71d3c6bc0eea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\tmpFD62.tmp
    Filesize

    832KB

    MD5

    6aab5c90d7c703ed4aefd5100c97fd22

    SHA1

    b6bb0a5614da9565d5ef2a5a23aa0aaa5bd5b3f0

    SHA256

    1b796196d9ae7b15507546d53a2b5aeae36e5b80e6291f02317f6fedab18d74a

    SHA512

    6c1c1cc6da08f49d15f6cbbadc81bdfaa4251d9ecc9321e0de474141534b42f2bc4c4ada053ace81e07635478f945d2266466f45f9e55c3c924c974d86c26251

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Bass.dll
    Filesize

    218KB

    MD5

    82dbc53c4e057ad941eb73aba212956e

    SHA1

    38a582ce5fbe03e8c5f040d82f89b4797e305860

    SHA256

    eda3f66eedc49ff9b9506c1ccf679a7822104c771eaab3afa367f0d6a2c9bbd5

    SHA512

    6f8e9082750c9cc8eb7bcaf7b7442f52ec55e2b712fff29a3a22868218fbfd605b594314e7be2720fd25f5a89d95774481177429de35acb48d023d39a2767781

    Download Submit

  • memory/2204-37-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-39-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-3-0x000000001C710000-0x000000001C886000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2204-13-0x000000001B330000-0x000000001B3D2000-memory.dmp

    Filesize

    648KB

    Download

  • memory/2204-2-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-21-0x000000001BFC0000-0x000000001C018000-memory.dmp

    Filesize

    352KB

    Download

  • memory/2204-22-0x000000001C640000-0x000000001C672000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2204-23-0x000000001C890000-0x000000001C8D4000-memory.dmp

    Filesize

    272KB

    Download

  • memory/2204-24-0x000000001CF30000-0x000000001CF52000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2204-25-0x000000001CF50000-0x000000001D00A000-memory.dmp

    Filesize

    744KB

    Download

  • memory/2204-27-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-26-0x00000000029F0000-0x00000000029F8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2204-28-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-29-0x0000000023D80000-0x000000002400E000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2204-30-0x0000000002A00000-0x0000000002A06000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2204-31-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-32-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-33-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-34-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-0-0x000007FEF6183000-0x000007FEF6184000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2204-10-0x000000001B330000-0x000000001B3D2000-memory.dmp

    Filesize

    648KB

    Download

  • memory/2204-40-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-38-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-41-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-42-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-43-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-44-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-1-0x0000000000360000-0x00000000009E4000-memory.dmp

    Filesize

    6.5MB

    Download

  • memory/2204-48-0x000007FEF6183000-0x000007FEF6184000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2204-49-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-50-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-51-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-52-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-53-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-54-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-55-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-56-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-57-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-58-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-59-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2204-60-0x000007FEF6180000-0x000007FEF6B6C000-memory.dmp

    Filesize

    9.9MB

    Download