Overview

overview

7

Static

static

flokibot_0...ir.exe

windows7_x64

7

flokibot_0...ir.exe

windows10_x64

7

Analysis

  • max time kernel
    150s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    19-07-2020 16:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    flokibot_0.0.0.12.vir.exe

  • Size

    232KB

  • MD5

    5649e7a200df2fb85ad1fb5a723bef22

  • SHA1

    b057d20122048001850afeca671fd31dbcdd1c76

  • SHA256

    5e1967db286d886b87d1ec655559b9af694fc6e002fea3a6c7fd3c6b0b49ea6e

  • SHA512

    9bb3fb0410d4b8ae36e9bcc8dc75de5369c0de765dfaa3e5a2f451df5b162ad65166012f6d504cb9400fb9b66bb6a52eebac329496d402920bc67d16e047cbc5

Score
7/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs
  • Suspicious behavior: MapViewOfSection 3 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Deletes itself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 58 IoCs
  • Drops startup file 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\flokibot_0.0.0.12.vir.exe
    "C:\Users\Admin\AppData\Local\Temp\flokibot_0.0.0.12.vir.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetThreadContext
    PID:3076
    • C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\SysWOW64\explorer.exe"
      2⤵
      • Deletes itself
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious behavior: EnumeratesProcesses
      • Drops startup file
      PID:4008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3076-0-0x00000000022E0000-0x00000000022E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4008-1-0x0000000000190000-0x0000000000191000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4008-2-0x0000000000190000-mapping.dmp
    Download
  • memory/4008-3-0x0000000004840000-0x0000000004841000-memory.dmp
    Filesize

    4KB

    Download