Overview

overview

9

Static

static

3

Mr.Time to...ol.exe

windows7-x64

1

Mr.Time to...ol.exe

windows10-2004-x64

9

Mr.Time to...40.dll

windows7-x64

1

Mr.Time to...40.dll

windows10-2004-x64

1

Mr.Time to..._1.dll

windows7-x64

1

Mr.Time to..._1.dll

windows10-2004-x64

1

Mr.Time to...z2.dll

windows7-x64

1

Mr.Time to...z2.dll

windows10-2004-x64

1

Mr.Time to...al.dll

windows7-x64

1

Mr.Time to...al.dll

windows10-2004-x64

1

Mr.Time to...ib.dll

windows7-x64

1

Mr.Time to...ib.dll

windows10-2004-x64

1

Mr.Time to...ma.dll

windows7-x64

1

Mr.Time to...ma.dll

windows10-2004-x64

1

Mr.Time to...ue.dll

windows7-x64

1

Mr.Time to...ue.dll

windows10-2004-x64

1

Mr.Time to...sl.dll

windows7-x64

1

Mr.Time to...sl.dll

windows10-2004-x64

1

Mr.Time to...mi.dll

windows7-x64

1

Mr.Time to...mi.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Mr.Time to...-0.dll

windows10-2004-x64

1

Resubmissions

01-07-2024 05:41

240701-gdt77a1clj 9

Analysis

  • max time kernel
    117s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 05:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Mr.Time tool/Mr.Time tool.exe

  • Size

    2.4MB

  • MD5

    bc5143288bfb94c2b01f663cb825fdda

  • SHA1

    3dfe1af882697fef434622dbff60e6d9e34c093e

  • SHA256

    f27c66a7b23f8d5f3830a5f14d55f21f0f97e87b0acd8813b830d38814444127

  • SHA512

    d29532451c843fe85dbb8ad3157b466a90ce55e783ed99177e164bdd097c12f3f6fed4ec986cb312f40e7ff21324b460443cf68bc391e9f04e6d179a1886936e

  • SSDEEP

    49152:7igqK8cqO3dOGDA7yzwUnFLYowtzQNdzmJFjemauDZlbgdlixIU30snQLq:7i7K8DPGDOycUnpY7lQj2FKmFDzMfiLk

Score
9/10
discovery

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Mr.Time tool\Mr.Time tool.exe
    "C:\Users\Admin\AppData\Local\Temp\Mr.Time tool\Mr.Time tool.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c "title "M̸̬̃ř̸̖.̵̦̐T̴̤̅i̴̞͝m̵͕̅è̷̖ ̵̤̈́D̷̝̿Ď̸̖O̸͉͒Ś̶̢ ̷̩̏T̶̲̆O̵̪͠Ō̴͓Ĺ̴͈""
      2⤵
        PID:4500

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads