Analysis
-
max time kernel
146s -
max time network
155s -
platform
windows10_x64 -
resource
win10-en-20210920 -
submitted
01/11/2021, 14:48
General
-
Target
cf0e40628bf7472926605576ba2250520b5dc8cf99d9d6eb78357d4fcad4d278.exe
-
Size
26KB
-
MD5
dedec1a6104f9dfb8d7a4c592bffa6fe
-
SHA1
401bb6b5b5965e65b6c141f184e97a8494281aa9
-
SHA256
cf0e40628bf7472926605576ba2250520b5dc8cf99d9d6eb78357d4fcad4d278
-
SHA512
75ddad8c616dbba86dcb0c8fdcaf3e779124f58b5c37de4cca2c8c9db935867feae80e76f955b06b405b4cf866b4065f89b8ac5e78ee35ded06e89b4abc72703
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cf0e40628bf7472926605576ba2250520b5dc8cf99d9d6eb78357d4fcad4d278.exe"C:\Users\Admin\AppData\Local\Temp\cf0e40628bf7472926605576ba2250520b5dc8cf99d9d6eb78357d4fcad4d278.exe"1⤵
- Suspicious behavior: EnumeratesProcesses