8879a10fa8b3137d02af27622fc7e64cc96820269b8e0dd398c1d1c61a6a6c7f | Triage

Analysis

max time kernel
105s
max time network
137s
platform
windows10_x64
resource
win10-en-20211104
submitted
07-11-2021 14:39

Sharing

Report Analysis Logs

General

Target

socks.exe
Size

13KB
MD5

e4c8d559e5fc325eb083367b319da929
SHA1

cb14ececa050eeea5057b03568c6e100c9b8fc1b
SHA256

8879a10fa8b3137d02af27622fc7e64cc96820269b8e0dd398c1d1c61a6a6c7f
SHA512

80ea3a78b1add5e2f65f03a61a81d870a04a0345e8b6c8d2bcda12dd91e3c390455ebe2fd157b8ca6da65bafd3e7bcc1e5c30c42a0015ae366487c24d6c3204a

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 2 IoCs

Processes:

socks.exe

description ioc process

File created C:\Windows\Tasks\wow64.job socks.exe
File opened for modification C:\Windows\Tasks\wow64.job socks.exe

C:\Users\Admin\AppData\Local\Temp\socks.exe
"C:\Users\Admin\AppData\Local\Temp\socks.exe"
1⤵
- Drops file in Windows directory
PID:3064

C:\Users\Admin\AppData\Local\Temp\socks.exe
C:\Users\Admin\AppData\Local\Temp\socks.exe start
1⤵
PID:2008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads