connect_ips.exe

General

Target: connect_ips.exe
Filesize: N/A
Completed: 18-12-2019 04:29
Score: 4/10
SHA256: 38a632c8d23aaddb53d7c0fb1d83a1414bbde238d84e6fa172149137b9ea09ac

Malware Config
Signatures 2

Discovery
  • Suspicious use of WriteProcessMemory
    connect_ips.exe

    Reported IOCs

    description                       pid   process          target process
    PID 1992 wrote to memory of 1416  1992  connect_ips.exe  ping.exe
    PID 1992 wrote to memory of 1436  1992  connect_ips.exe  ping.exe
    PID 1992 wrote to memory of 1564  1992  connect_ips.exe  ping.exe
    PID 1992 wrote to memory of 1120  1992  connect_ips.exe  ping.exe
    PID 1992 wrote to memory of 1860  1992  connect_ips.exe  ping.exe
  • Runs ping.exe
    ping.exe ping.exe ping.exe ping.exe ping.exe

    TTPs

    Remote System Discovery

    Reported IOCs

    pid   process
    1416  ping.exe
    1436  ping.exe
    1564  ping.exe
    1120  ping.exe
    1860  ping.exe
Processes 6
  • C:\Users\Admin\AppData\Local\Temp\connect_ips.exe
    "C:\Users\Admin\AppData\Local\Temp\connect_ips.exe"
    Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Windows\system32\ping.exe
      ping 203.130.0.69 "-c 5" "-i 3" "-w 10"
      Runs ping.exe
      PID:1416
    • C:\Windows\system32\ping.exe
      ping 192.161.190.171 "-c 5" "-i 3" "-w 10"
      Runs ping.exe
      PID:1436
    • C:\Windows\system32\ping.exe
      ping 80.93.48.49 "-c 5" "-i 3" "-w 10"
      Runs ping.exe
      PID:1564
    • C:\Windows\system32\ping.exe
      ping 206.189.112.148 "-c 5" "-i 3" "-w 10"
      Runs ping.exe
      PID:1120
    • C:\Windows\system32\ping.exe
      ping 206.81.10.215 "-c 5" "-i 3" "-w 10"
      Runs ping.exe
      PID:1860
Network
MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation