Analysis
-
max time kernel
149s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
19-04-2022 12:50
General
-
Target
2737ad9cc96e5de2eb6168b13797a46771b897ed3e2ebd5f1b68da0a8b065596.exe
-
Size
298KB
-
MD5
d624b833b5852fee03fa71b1f0188b91
-
SHA1
e849bf579e9e27b75478f544f9c760fee46d30d7
-
SHA256
2737ad9cc96e5de2eb6168b13797a46771b897ed3e2ebd5f1b68da0a8b065596
-
SHA512
847d1bac3f055cb481879ae54357501a4858160f1c1b2c8fdfe540b7fd63d056171865a8a28e213f24de646b0489776dc1fb5b4cf604b5c5257703e213aa5e6d
Score
10/10
Malware Config
Signatures
-
RevcodeRat, WebMonitorRat
WebMonitor is a remote access tool that you can use from any browser access to control, and monitor your phones, or PCs.
-
Unexpected DNS network traffic destination 6 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Suspicious behavior: RenamesItself 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2737ad9cc96e5de2eb6168b13797a46771b897ed3e2ebd5f1b68da0a8b065596.exe"C:\Users\Admin\AppData\Local\Temp\2737ad9cc96e5de2eb6168b13797a46771b897ed3e2ebd5f1b68da0a8b065596.exe"1⤵
- Adds Run key to start application
- Suspicious behavior: RenamesItself
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1708-54-0x0000000075A61000-0x0000000075A63000-memory.dmpFilesize
8KB