Automated Malware Analysis IOC Report for

Details

Filetype:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Entropy:	7.99998046750478
Filename:	SenPalia.exe
Filesize:	82609817
MD5:	3c327cbf1db1396f027a78d968db2e90
SHA1:	416f02955dbbb66ec4eae89f3088db92cdeb9572
SHA256:	a18106059f5438c0cb46c20aefd36a3cd7cbf4762a3d4ff2daa7312f4cbc7b79
SHA512:	62a03e4ec802165a1ebaf54263b8034cf9dc851587313b8452d92f96265d7d93f1e84e03256f5a3294e55ac3b77a83489c3bef26add12fcee60cf442f16284ed
SSDEEP:	1572864:bK6LBYIm4dmYQxwJqZHBFdNYZvpXm6IKEX:bBu/pRxmqzFC3IKE
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf._9..Pf..Pg.LPf._;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@.

Signature Hits	Behavior Group	Mitre Attack
Drops large PE files	System Summary
Drops PE files	Persistence and Installation Behavior
Enables security privileges	System Summary
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder
Uses 32bit PE files	Compliance, System Summary	Masquerading
Checks the free space of harddrives	Malware Analysis System Evasion
Creates files inside the user directory	System Summary	Masquerading
Creates temporary files	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Enumerates the file system	Spreading, Malware Analysis System Evasion
PE file has an executable .text section and no other executable section	System Summary
Queries a list of all running processes	Malware Analysis System Evasion	Process Discovery
Reads ini files	System Summary	File and Directory Discovery
Reads software policies	System Summary
Sample reads its own file content	System Summary
Tries to load missing DLLs	System Summary	DLL Side-Loading
Uses an in-process (OLE) Automation server	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
Creates a software uninstall entry	Compliance, System Summary	Windows Service
Creates license or readme file	Compliance, Persistence and Installation Behavior
Submission file is bigger than most known malware samples	System Summary

Details

File:	C:\Users\user\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
Category:	modified
Dump:	F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock.15.dr
ID:	dr_78
Target ID:	15
Process:	C:\Windows\System32\Taskmgr.exe
Type:	ASCII text, with no line terminators
Entropy:	1.5
Encrypted:	false
Size:	4
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Programs\SenPalia\SenPalia.exe
Category:	dropped
Dump:	SenPalia.exe.1.dr
ID:	dr_75
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (GUI) x86-64, for MS Windows
Entropy:	6.743926324302017
Encrypted:	false
Size:	160076800
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Uses 32bit PE files	Compliance, System Summary
Enumerates the file system	Spreading, Malware Analysis System Evasion	File and Directory Discovery
PE file has an executable .text section and no other executable section	System Summary
Spawns processes	System Summary	Process Injection
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
Submission file is bigger than most known malware samples	System Summary

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\LICENSE.electron.txt
Category:	dropped
Dump:	LICENSE.electron.txt.1.dr
ID:	dr_33
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	ASCII text
Entropy:	5.13006727705212
Encrypted:	false
Size:	1096
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\LICENSES.chromium.html
Category:	dropped
Dump:	LICENSES.chromium.html.1.dr
ID:	dr_9
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	HTML document, ASCII text
Entropy:	4.705814170451806
Encrypted:	false
Size:	8312662
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\chrome_100_percent.pak
Category:	dropped
Dump:	chrome_100_percent.pak.1.dr
ID:	dr_30
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	7.915612661029362
Encrypted:	false
Size:	127125
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\chrome_200_percent.pak
Category:	dropped
Dump:	chrome_200_percent.pak.1.dr
ID:	dr_31
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	7.939611912805236
Encrypted:	false
Size:	177406
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\d3dcompiler_47.dll
Category:	dropped
Dump:	d3dcompiler_47.dll.1.dr
ID:	dr_56
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.398049523846958
Encrypted:	false
Size:	4916712
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\ffmpeg.dll
Category:	dropped
Dump:	ffmpeg.dll.1.dr
ID:	dr_59
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.697367886822868
Encrypted:	false
Size:	2883072
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\icudtl.dat
Category:	dropped
Dump:	icudtl.dat.1.dr
ID:	dr_32
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	6.277141340322909
Encrypted:	false
Size:	10542048
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\libEGL.dll
Category:	dropped
Dump:	libEGL.dll.1.dr
ID:	dr_61
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.330677392522242
Encrypted:	false
Size:	481280
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\libGLESv2.dll
Category:	dropped
Dump:	libGLESv2.dll.1.dr
ID:	dr_63
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.463180789552528
Encrypted:	false
Size:	7625728
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\af.pak
Category:	dropped
Dump:	af.pak.1.dr
ID:	dr_11
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.4079285675542845
Encrypted:	false
Size:	377708
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\am.pak
Category:	dropped
Dump:	am.pak.1.dr
ID:	dr_13
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.894733266944232
Encrypted:	false
Size:	613642
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ar.pak
Category:	dropped
Dump:	ar.pak.1.dr
ID:	dr_15
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.903433286644294
Encrypted:	false
Size:	671738
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\bg.pak
Category:	dropped
Dump:	bg.pak.1.dr
ID:	dr_17
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.66095894344634
Encrypted:	false
Size:	701716
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\bn.pak
Category:	dropped
Dump:	bn.pak.1.dr
ID:	dr_19
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.273773274227575
Encrypted:	false
Size:	904943
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ca.pak
Category:	dropped
Dump:	ca.pak.1.dr
ID:	dr_21
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.400864409916039
Encrypted:	false
Size:	426906
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\cs.pak
Category:	dropped
Dump:	cs.pak.1.dr
ID:	dr_22
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.843819816549512
Encrypted:	false
Size:	436202
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\da.pak
Category:	dropped
Dump:	da.pak.1.dr
ID:	dr_23
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.454826678090317
Encrypted:	false
Size:	396104
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\de.pak
Category:	dropped
Dump:	de.pak.1.dr
ID:	dr_24
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.503137231857292
Encrypted:	false
Size:	424277
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\el.pak
Category:	dropped
Dump:	el.pak.1.dr
ID:	dr_38
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.75072843480339
Encrypted:	false
Size:	769050
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\en-GB.pak
Category:	dropped
Dump:	en-GB.pak.1.dr
ID:	dr_40
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.5169703217013675
Encrypted:	false
Size:	344606
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\en-US.pak
Category:	dropped
Dump:	en-US.pak.1.dr
ID:	dr_42
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.508989875739037
Encrypted:	false
Size:	347111
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\es-419.pak
Category:	dropped
Dump:	es-419.pak.1.dr
ID:	dr_44
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.3798866108688905
Encrypted:	false
Size:	421147
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\es.pak
Category:	dropped
Dump:	es.pak.1.dr
ID:	dr_46
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.349883254359391
Encrypted:	false
Size:	421332
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\et.pak
Category:	dropped
Dump:	et.pak.1.dr
ID:	dr_48
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.464870724176939
Encrypted:	false
Size:	380687
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\fa.pak
Category:	dropped
Dump:	fa.pak.1.dr
ID:	dr_50
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.029655615738747
Encrypted:	false
Size:	622184
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\fi.pak
Category:	dropped
Dump:	fi.pak.1.dr
ID:	dr_51
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.427253181023048
Encrypted:	false
Size:	389118
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\fil.pak
Category:	dropped
Dump:	fil.pak.1.dr
ID:	dr_52
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.195613019166525
Encrypted:	false
Size:	438088
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\fr.pak
Category:	dropped
Dump:	fr.pak.1.dr
ID:	dr_53
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.385096169417585
Encrypted:	false
Size:	454982
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\gu.pak
Category:	dropped
Dump:	gu.pak.1.dr
ID:	dr_57
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.32399215971305
Encrypted:	false
Size:	879149
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\he.pak
Category:	dropped
Dump:	he.pak.1.dr
ID:	dr_58
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.6265566170608325
Encrypted:	false
Size:	544193
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\hi.pak
Category:	dropped
Dump:	hi.pak.1.dr
ID:	dr_60
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.3093889077968495
Encrypted:	false
Size:	921748
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\hr.pak
Category:	dropped
Dump:	hr.pak.1.dr
ID:	dr_62
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.516218200944141
Encrypted:	false
Size:	423481
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\hu.pak
Category:	dropped
Dump:	hu.pak.1.dr
ID:	dr_64
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.643595706627357
Encrypted:	false
Size:	456789
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\id.pak
Category:	dropped
Dump:	id.pak.1.dr
ID:	dr_66
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.37852966615304
Encrypted:	false
Size:	373937
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\it.pak
Category:	dropped
Dump:	it.pak.1.dr
ID:	dr_67
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.287149423624235
Encrypted:	false
Size:	414412
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ja.pak
Category:	dropped
Dump:	ja.pak.1.dr
ID:	dr_68
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.701779406023226
Encrypted:	false
Size:	505292
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\kn.pak
Category:	dropped
Dump:	kn.pak.1.dr
ID:	dr_69
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.2289205973296395
Encrypted:	false
Size:	1012272
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ko.pak
Category:	dropped
Dump:	ko.pak.1.dr
ID:	dr_70
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	6.081959799252044
Encrypted:	false
Size:	425545
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\lt.pak
Category:	dropped
Dump:	lt.pak.1.dr
ID:	dr_71
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.634955727013476
Encrypted:	false
Size:	457220
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\lv.pak
Category:	dropped
Dump:	lv.pak.1.dr
ID:	dr_72
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.635474464056208
Encrypted:	false
Size:	455871
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ml.pak
Category:	dropped
Dump:	ml.pak.1.dr
ID:	dr_73
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.264965642462621
Encrypted:	false
Size:	1056673
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\mr.pak
Category:	dropped
Dump:	mr.pak.1.dr
ID:	dr_74
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.295071040310227
Encrypted:	false
Size:	863911
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ms.pak
Category:	dropped
Dump:	ms.pak.1.dr
ID:	dr_0
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.258177538585681
Encrypted:	false
Size:	390303
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\nb.pak
Category:	dropped
Dump:	nb.pak.1.dr
ID:	dr_1
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.424530593988954
Encrypted:	false
Size:	383011
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\nl.pak
Category:	dropped
Dump:	nl.pak.1.dr
ID:	dr_2
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.365550895872654
Encrypted:	false
Size:	395064
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\pl.pak
Category:	dropped
Dump:	pl.pak.1.dr
ID:	dr_3
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.766175831058526
Encrypted:	false
Size:	439920
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\pt-BR.pak
Category:	dropped
Dump:	pt-BR.pak.1.dr
ID:	dr_4
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.426006792591415
Encrypted:	false
Size:	415447
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\pt-PT.pak
Category:	dropped
Dump:	pt-PT.pak.1.dr
ID:	dr_5
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.401132911995885
Encrypted:	false
Size:	416977
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ro.pak
Category:	dropped
Dump:	ro.pak.1.dr
ID:	dr_6
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.460617985170646
Encrypted:	false
Size:	430191
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ru.pak
Category:	dropped
Dump:	ru.pak.1.dr
ID:	dr_7
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.836890612319527
Encrypted:	false
Size:	703696
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\sk.pak
Category:	dropped
Dump:	sk.pak.1.dr
ID:	dr_8
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.818852266406701
Encrypted:	false
Size:	443094
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\sl.pak
Category:	dropped
Dump:	sl.pak.1.dr
ID:	dr_10
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.48540289392965
Encrypted:	false
Size:	427791
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\sr.pak
Category:	dropped
Dump:	sr.pak.1.dr
ID:	dr_12
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.761695251077794
Encrypted:	false
Size:	660194
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\sv.pak
Category:	dropped
Dump:	sv.pak.1.dr
ID:	dr_14
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.543491670458518
Encrypted:	false
Size:	385361
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\sw.pak
Category:	dropped
Dump:	sw.pak.1.dr
ID:	dr_16
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.342349721117576
Encrypted:	false
Size:	404460
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ta.pak
Category:	dropped
Dump:	ta.pak.1.dr
ID:	dr_18
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.044068430611977
Encrypted:	false
Size:	1043803
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\te.pak
Category:	dropped
Dump:	te.pak.1.dr
ID:	dr_20
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.295544641165274
Encrypted:	false
Size:	965006
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\th.pak
Category:	dropped
Dump:	th.pak.1.dr
ID:	dr_34
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.342029978594925
Encrypted:	false
Size:	811437
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\tr.pak
Category:	dropped
Dump:	tr.pak.1.dr
ID:	dr_35
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.6133974766805546
Encrypted:	false
Size:	411446
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\uk.pak
Category:	dropped
Dump:	uk.pak.1.dr
ID:	dr_36
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.868598768447113
Encrypted:	false
Size:	705061
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\ur.pak
Category:	dropped
Dump:	ur.pak.1.dr
ID:	dr_37
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.143761316646653
Encrypted:	false
Size:	617109
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\vi.pak
Category:	dropped
Dump:	vi.pak.1.dr
ID:	dr_39
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	5.7988900625034185
Encrypted:	false
Size:	488196
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\zh-CN.pak
Category:	dropped
Dump:	zh-CN.pak.1.dr
ID:	dr_41
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	6.680890808929274
Encrypted:	false
Size:	354097
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\locales\zh-TW.pak
Category:	dropped
Dump:	zh-TW.pak.1.dr
ID:	dr_43
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	6.69437398216595
Encrypted:	false
Size:	350032
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\resources.pak
Category:	dropped
Dump:	resources.pak.1.dr
ID:	dr_47
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	7.995476669559971
Encrypted:	true
Size:	5245458
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\resources\app.asar
Category:	dropped
Dump:	app.asar.1.dr
ID:	dr_45
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	6.03118572140473
Encrypted:	false
Size:	52786714
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\resources\elevate.exe
Category:	dropped
Dump:	elevate.exe.1.dr
ID:	dr_65
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32 executable (console) Intel 80386, for MS Windows
Entropy:	6.442687067441468
Encrypted:	false
Size:	107520
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\snapshot_blob.bin
Category:	dropped
Dump:	snapshot_blob.bin.1.dr
ID:	dr_49
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	3.2521181832662194
Encrypted:	false
Size:	273328
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\v8_context_snapshot.bin
Category:	dropped
Dump:	v8_context_snapshot.bin.1.dr
ID:	dr_54
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	data
Entropy:	4.83735352889622
Encrypted:	false
Size:	588152
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\vk_swiftshader.dll
Category:	dropped
Dump:	vk_swiftshader.dll.1.dr
ID:	dr_76
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.335261874351837
Encrypted:	false
Size:	5334528
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\vk_swiftshader_icd.json
Category:	dropped
Dump:	vk_swiftshader_icd.json.1.dr
ID:	dr_55
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	JSON data
Entropy:	4.724752649036734
Encrypted:	false
Size:	106
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\7z-out\vulkan-1.dll
Category:	dropped
Dump:	vulkan-1.dll.1.dr
ID:	dr_77
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	6.558092096809165
Encrypted:	false
Size:	928256
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\SpiderBanner.dll
Category:	dropped
Dump:	SpiderBanner.dll.1.dr
ID:	dr_27
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	5.5347224014600345
Encrypted:	false
Size:	9216
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\StdUtils.dll
Category:	dropped
Dump:	StdUtils.dll.1.dr
ID:	dr_26
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Entropy:	6.729923587623207
Encrypted:	false
Size:	102400
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\System.dll
Category:	dropped
Dump:	System.dll.1.dr
ID:	dr_25
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	5.719859767584478
Encrypted:	false
Size:	12288
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\app-64.7z
Category:	dropped
Dump:	app-64.7z.1.dr
ID:	dr_28
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	7-zip archive data, version 0.4
Entropy:	7.999994780343832
Encrypted:	true
Size:	82095823
Whitelisted:	false

Details

File:	C:\Users\user\AppData\Local\Temp\nsgECD3.tmp\nsis7z.dll
Category:	dropped
Dump:	nsis7z.dll.1.dr
ID:	dr_29
Target ID:	1
Process:	C:\Users\user\Desktop\SenPalia.exe
Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Entropy:	6.584811966667578
Encrypted:	false
Size:	434176
Whitelisted:	false

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
SenPalia.exe

Files

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportSenPalia.exe

Files

IOC Report
SenPalia.exe