Analysis

  • max time kernel
    152s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    15-04-2022 15:11

General

  • Target

    6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe

  • Size

    151KB

  • MD5

    af2f4618505a6a22952f66ebef784aee

  • SHA1

    31c7d4ad374b06de2176b212f7b4f190d9c1f62d

  • SHA256

    6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a

  • SHA512

    98446345396475d2b00f1862cf1c06dbcbfaa464edea70c687bec36331594376a21facbb09eced880f76770364eb1a0f972b33ad4febadcfac0bfb9aa28ce72b

Score
10/10

Malware Config

Signatures

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

  • OnlyLogger Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe
    "C:\Users\Admin\AppData\Local\Temp\6b6014795efb945e988b0f6e5cccf6d948475e580f6c7c82f2f6ab1d02a2309a.exe"
    1⤵
      PID:1120

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1120-130-0x00000000006D8000-0x00000000006F3000-memory.dmp

      Filesize

      108KB

    • memory/1120-131-0x00000000006D8000-0x00000000006F3000-memory.dmp

      Filesize

      108KB

    • memory/1120-132-0x0000000000670000-0x000000000069E000-memory.dmp

      Filesize

      184KB

    • memory/1120-133-0x0000000000400000-0x00000000004DF000-memory.dmp

      Filesize

      892KB