Analysis

  • max time kernel
    80s
  • max time network
    105s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    15-04-2022 15:11

General

  • Target

    6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe

  • Size

    151KB

  • MD5

    af2f4618505a6a22952f66ebef784aee

  • SHA1

    31c7d4ad374b06de2176b212f7b4f190d9c1f62d

  • SHA256

    6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a

  • SHA512

    98446345396475d2b00f1862cf1c06dbcbfaa464edea70c687bec36331594376a21facbb09eced880f76770364eb1a0f972b33ad4febadcfac0bfb9aa28ce72b

Score
10/10

Malware Config

Signatures

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

  • OnlyLogger Payload (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe
    "C:\Users\Admin\AppData\Local\Temp\6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe"
      PID:1908

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1908-54-0x000000000063B000-0x0000000000656000-memory.dmp

      Filesize

      108KB

    • memory/1908-55-0x0000000075FC1000-0x0000000075FC3000-memory.dmp

      Filesize

      8KB

    • memory/1908-57-0x0000000000220000-0x000000000024E000-memory.dmp

      Filesize

      184KB

    • memory/1908-56-0x000000000063B000-0x0000000000656000-memory.dmp

      Filesize

      108KB

    • memory/1908-58-0x0000000000400000-0x00000000004DF000-memory.dmp

      Filesize

      892KB