| File name: | Marvel’s Spider-Man 2 Setup.exe |
| Full analysis: | https://app.any.run/tasks/02e144da-4205-4777-828a-1f2f08f6e196 |
| Verdict: | Malicious activity |
| Analysis date: | October 24, 2023, 12:04:51 |
| OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
| Indicators: | |
| MIME: | application/x-dosexec |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5: | FF464351C55E3559CA1DD86CDB158182 |
| SHA1: | 4A73DC9FB3A825DC025348B2F544FE1C41B5AA32 |
| SHA256: | 6DDC229E60F88D6D202B5A33379EC9588D0003159654A7997A974C88F57F1038 |
| SSDEEP: | 393216:b9JDRynEZAXSm+YfgZpOQsdwW2L+oHvg6waZZ:fDzAXC+gZsI9rnf |
MALICIOUS
Drops the executable file immediately after the start
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Loads dropped or rewritten executable
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
SUSPICIOUS
No suspicious indicators.INFO
Reads the machine GUID from the registry
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Checks supported languages
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Reads the computer name
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Create files in a temporary directory
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Creates files in the program directory
- Marvel’s Spider-Man 2 Setup.exe (PID: 2616)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .dll | | | Win32 Dynamic Link Library (generic) (43.5) |
|---|---|---|
| .exe | | | Win32 Executable (generic) (29.8) |
| .exe | | | Generic Win/DOS Executable (13.2) |
| .exe | | | DOS Executable Generic (13.2) |
EXIF
EXE
| Subsystem: | Windows GUI |
|---|---|
| SubsystemVersion: | 4 |
| ImageVersion: | - |
| OSVersion: | 4 |
| EntryPoint: | 0x1d20 |
| UninitializedDataSize: | - |
| InitializedDataSize: | 7376896 |
| CodeSize: | 4096 |
| LinkerVersion: | 6 |
| PEType: | PE32 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| TimeStamp: | 2011:01:31 17:44:13+00:00 |
| MachineType: | Intel 386 or later, and compatibles |
Total processes
40
Monitored processes
2
Malicious processes
1
Suspicious processes
0
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2616 | "C:\Users\admin\AppData\Local\Temp\Marvel’s Spider-Man 2 Setup.exe" | C:\Users\admin\AppData\Local\Temp\Marvel’s Spider-Man 2 Setup.exe | explorer.exe | ||||||||||||
User: admin Integrity Level: HIGH Exit code: 0 Modules
| |||||||||||||||
| 2700 | "C:\Users\admin\AppData\Local\Temp\Marvel’s Spider-Man 2 Setup.exe" | C:\Users\admin\AppData\Local\Temp\Marvel’s Spider-Man 2 Setup.exe | — | explorer.exe | |||||||||||
User: admin Integrity Level: MEDIUM Exit code: 3221226540 Modules
| |||||||||||||||
Total events
383
Read events
382
Write events
0
Delete events
1
Modification events
| (PID) Process: | (2616) Marvel’s Spider-Man 2 Setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\tmp |
| Operation: | delete key | Name: | (default) |
Value: | |||
Executable files
2
Suspicious files
0
Text files
14
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\setup_temp.gea | — | |
MD5:— | SHA256:— | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\key.gif | image | |
MD5:B6DA413C7F030E89DE32B9ACD0C83A66 | SHA256:B58FEF0E248AD5C23FB571E3DB1BF5A16C0C3D5486703EA9617C0D624843A464 | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\coverPC.jpg | image | |
MD5:8F6233B8B81DD581EC01DA67009C46EB | SHA256:3FC66CB5C43EC4AE65849DA1E2B0FF249167B01F9ABEADD93DA5180535B5AA46 | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\arrow.gif | image | |
MD5:5DE90995CCFF4783C5642CE9B4FF4C5C | SHA256:92B14E891426D54302ED54C5244826E8E6448E4BB53995100CC9E69BA36A7F48 | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\3default - 1.bmp | image | |
MD5:14A455E9EEF9FE7FEA4DE14D579A3E84 | SHA256:B666E6BD71EFF3547FB2F5580AC61C64527F6F9BE6A2178FA00F80E32431460A | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\2banner.gif | image | |
MD5:182BE7648D50E262A520FB3A7D82AD67 | SHA256:3C5F5E9F723009E12E385E86D82C02CA8EE87999C9CFEA183EB2593CAD62DD5E | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\5logo.jpg | image | |
MD5:CE8EDB032FD961BCC8C664E6936EAA99 | SHA256:3A34930CAA21894A3365913F3930E086D80BCBC5E372D521A0CA4BC5AFE92AB5 | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\6EULA.txt | text | |
MD5:2ECFEFB856D8F6E601687F81A915AF8A | SHA256:B9AFC32007CA92436CE1E71CC73B7698693B8B367B4F1990A776D62CD42430DA | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\gentee9D\guig.dll | executable | |
MD5:D3F8C0334C19198A109E44D074DAC5FD | SHA256:005C251C21D6A5BA1C3281E7B9F3B4F684D007E0C3486B34A545BB370D8420AA | |||
| 2616 | Marvel’s Spider-Man 2 Setup.exe | C:\Users\admin\AppData\Local\Temp\genteert.dll | executable | |
MD5:6CE814FD1AD7AE07A9E462C26B3A0F69 | SHA256:54C0DA1735BB1CB02B60C321DE938488345F8D1D26BF389C8CB2ACAD5D01B831 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
2
DNS requests
0
Threats
0
HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |