Analysis

  • max time kernel
    29s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    19/04/2022, 04:06

General

  • Target

    00_300us.exe

  • Size

    347KB

  • MD5

    88d5c0bff7ccbc87e94adf5aed73e1d9

  • SHA1

    8d4e1c37d3cee528d4cc43f33aa001ce5ac5e3c9

  • SHA256

    22e463d29590a7485292819597991bcd06bf8ceceebf567c955f294dc542711a

  • SHA512

    dca5f477161cb6ac8fdf7720d4070470128ab171a20eca3f8768d7bd85085e7755264dffdf71eb3c8498a03394810fff33e7c0dbbe16ce41e5df218c5dfc8778

Score
10/10

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://45.138.157.138/ZSnH91i5Xb.php

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\00_300us.exe
    "C:\Users\Admin\AppData\Local\Temp\00_300us.exe"
    PID: 1908

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1908-54-0x00000000002EE000-0x0000000000305000-memory.dmp
    Filesize
    92KB

  • memory/1908-56-0x00000000001B0000-0x00000000001D9000-memory.dmp
    Filesize
    164KB

  • memory/1908-55-0x00000000002EE000-0x0000000000305000-memory.dmp
    Filesize
    92KB

  • memory/1908-57-0x0000000000400000-0x0000000000462000-memory.dmp
    Filesize
    392KB

  • memory/1908-58-0x0000000075FC1000-0x0000000075FC3000-memory.dmp
    Filesize
    8KB
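The dump names above encode the PID, a sequence number and the address range of each region, and the listed sizes are simply end minus start. The following Python is an added example, not part of the sandbox report or of any tooling the page describes: it parses that naming convention (the pattern is inferred from the five entries shown), confirms the listed sizes, picks out the region that most likely holds the mapped PE (the 0x400000 default image base heuristic is an assumption, not something the report states), and searches a dump buffer for the extracted C2 URL in both ASCII and UTF-16LE, which is the usual first step when confirming that a config-extractor hit really came from the dumped memory. The dump buffer used here is constructed inline so the example runs without the real files.

```python
"""Triage helpers for the memory dumps and C2 listed in the report (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Filename convention used by the report's Downloads list (assumption drawn from the
# entries shown): memory/<pid>-<n>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


@dataclass(frozen=True)
class DumpRegion:
    pid: int
    index: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start

    @property
    def size_kb(self) -> int:
        # The report lists whole KB; every region here is page-aligned so the division is exact.
        return self.size // 1024

    def looks_like_image(self) -> bool:
        # Heuristic (not stated by the report): 0x400000 is the default image base of a
        # 32-bit PE, so a region starting there is most likely the sample's mapped image.
        return self.start == 0x400000


def parse_dump_name(name: str) -> Optional[DumpRegion]:
    """Parse one dump file name into its PID, sequence number and address range."""
    m = DUMP_RE.search(name)
    if m is None:
        return None
    return DumpRegion(int(m["pid"]), int(m["idx"]), int(m["start"], 16), int(m["end"], 16))


# The five dump entries and the sizes the report lists for them.
REPORT_DUMPS: List[Tuple[str, int]] = [
    ("memory/1908-54-0x00000000002EE000-0x0000000000305000-memory.dmp", 92),
    ("memory/1908-56-0x00000000001B0000-0x00000000001D9000-memory.dmp", 164),
    ("memory/1908-55-0x00000000002EE000-0x0000000000305000-memory.dmp", 92),
    ("memory/1908-57-0x0000000000400000-0x0000000000462000-memory.dmp", 392),
    ("memory/1908-58-0x0000000075FC1000-0x0000000075FC3000-memory.dmp", 8),
]


def verify_listed_sizes(entries: List[Tuple[str, int]]) -> List[Tuple[str, int, int]]:
    """Return (name, listed_kb, computed_kb) for every entry whose range and size disagree."""
    mismatches = []
    for name, listed_kb in entries:
        region = parse_dump_name(name)
        if region is None or region.size_kb != listed_kb:
            mismatches.append((name, listed_kb, region.size_kb if region else -1))
    return mismatches


def image_regions(entries: List[Tuple[str, int]]) -> List[DumpRegion]:
    """Pick the dump(s) worth opening first: the region that looks like the mapped PE."""
    regions = [parse_dump_name(n) for n, _ in entries]
    return [r for r in regions if r is not None and r.looks_like_image()]


def find_c2(buf: bytes, c2: str) -> List[Tuple[str, int]]:
    """Locate a C2 URL in dump bytes as ASCII and as UTF-16LE; returns (encoding, offset) hits."""
    hits = []
    for enc in ("ascii", "utf-16-le"):
        needle = c2.encode(enc)
        off = buf.find(needle)
        while off != -1:
            hits.append((enc, off))
            off = buf.find(needle, off + 1)
    return hits


C2 = "http://45.138.157.138/ZSnH91i5Xb.php"  # from the report's Malware Config
# Constructed stand-in for a real dump (not from the sandbox): the URL once as ASCII and
# once as UTF-16LE, padded with zero bytes.
SAMPLE_DUMP = b"\x00" * 64 + C2.encode("ascii") + b"\x00" * 32 + C2.encode("utf-16-le") + b"\x00" * 8

if __name__ == "__main__":
    for name, kb in REPORT_DUMPS:
        r = parse_dump_name(name)
        tag = "  <- likely PE image" if r.looks_like_image() else ""
        print(f"{name}: {r.size_kb} KB (listed {kb} KB){tag}")
    print("mismatches:", verify_listed_sizes(REPORT_DUMPS))
    print("C2 hits in sample buffer:", find_c2(SAMPLE_DUMP, C2))
```

To run this against the real downloads, read each .dmp with `open(path, "rb").read()` and pass it to `find_c2`; the 0x400000 region is the one to check first, and a hit in only the UTF-16LE encoding is worth noting since it tells you which string form the stealer keeps its config in.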