7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34 | Triage

Analysis

max time kernel
142s
max time network
151s
platform
windows7_x64
resource
win7-en-20210920
submitted
01/11/2021, 14:48

Sharing

Report Analysis Logs

General

Target

7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34.exe
Size

25KB
MD5

019c4917d753016c0647f7f1effb43b6
SHA1

17871a0c80f3ec1962476f26226b268cdf94a532
SHA256

7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34
SHA512

35a624855b45be749a2a950e66d3eba9bc5b5da6a18e25e8030320738bb02465bf42289b0f681ec5443ce36e536ab35229045806be1efff301408e01589f0313

Score

6^/10

Malware Config

Signatures

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
4	api.ipify.org

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
580	7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34.exe
580	7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34.exe

C:\Users\Admin\AppData\Local\Temp\7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34.exe
"C:\Users\Admin\AppData\Local\Temp\7cf777f2e78836e511d0b7433306eb52e8a598525661ac36412ef914a9622e34.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/580-54-0x0000000075BD1000-0x0000000075BD3000-memory.dmp

Filesize
8KB

Download