Analysis Overview
SHA256
5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d
Threat Level: Known bad
The file 5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d was found to be: Known bad.
Malicious Activity Summary
Oski family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-04-18 16:20
Signatures
Oski family
Analysis: behavioral1
Detonation Overview
Submitted
2022-04-18 16:20
Reported
2022-04-19 00:09
Platform
win7-20220414-en
Max time kernel
150s
Max time network
152s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d.exe
"C:\Users\Admin\AppData\Local\Temp\5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d.exe"
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | mastercard.ru.com | udp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
Files
memory/536-54-0x0000000075B61000-0x0000000075B63000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-04-18 16:20
Reported
2022-04-19 00:09
Platform
win10v2004-20220414-en
Max time kernel
134s
Max time network
154s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d.exe
"C:\Users\Admin\AppData\Local\Temp\5bf3fefe508e2a5938409fe8c02b1ec86c90be0d0dcea17a2b18a974e23de64d.exe"
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | mastercard.ru.com | udp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| US | 104.208.16.89:443 | | tcp |
| NL | 8.238.21.254:80 | | tcp |
| NL | 8.238.21.254:80 | | tcp |
| NL | 8.238.21.254:80 | | tcp |
| NL | 8.238.21.254:80 | | tcp |
| NL | 8.238.21.254:80 | | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |
| RU | 95.142.38.234:80 | mastercard.ru.com | tcp |