Analysis Overview
SHA256
a50844184119e66e5d3a663be6d2d57d72a6748b6ce2d11974c688c8bc40d710
Threat Level: No (potentially) malicious behavior was detected
The file bd91abd60357f47d4a163df3fc27b795.exe was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2020-11-01 18:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2020-11-01 18:45
Reported
2020-11-01 18:47
Platform
win7v20201028
Max time kernel
151s
Max time network
12s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\bd91abd60357f47d4a163df3fc27b795.exe
"C:\Users\Admin\AppData\Local\Temp\bd91abd60357f47d4a163df3fc27b795.exe"
Network
Files
memory/1688-0-0x0000000002459000-0x000000000245A000-memory.dmp
memory/1688-1-0x0000000003E00000-0x0000000003E11000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2020-11-01 18:45
Reported
2020-11-01 18:47
Platform
win10v20201028
Max time kernel
76s
Max time network
122s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\bd91abd60357f47d4a163df3fc27b795.exe
"C:\Users\Admin\AppData\Local\Temp\bd91abd60357f47d4a163df3fc27b795.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 8.8.8.8:53 | notsweets.net | udp |
| N/A | 142.93.7.219:443 | notsweets.net | tcp |
| N/A | 142.93.7.219:443 | notsweets.net | tcp |
Files
memory/4800-0-0x0000000002624000-0x0000000002625000-memory.dmp
memory/4800-1-0x0000000004190000-0x0000000004191000-memory.dmp
memory/4044-2-0x0000000003020000-0x0000000003048000-memory.dmp
memory/4044-3-0x0000000000000000-mapping.dmp