Analysis

  • max time kernel
    81s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    20-05-2022 14:24

General

  • Target

    New Order List.exe

  • Size

    651KB

  • MD5

    ef3ca842b9c00a0bc3c40cb0c547180e

  • SHA1

    decbd80b7215eef9049542b529986359fea02ff9

  • SHA256

    cc223497fe89e227d0696798ffd12ef6037ee71dfe047483f6a8f1be69bf5754

  • SHA512

    4bd7eaf9b7c2c4c78b14788549cb71da2eb8074b81c786a6a8b0e03677a9bd1c89118a47ecd150249b46dab4798f0b00c4a5f40e15cd0a629243f90548eceede

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\New Order List.exe
    "C:\Users\Admin\AppData\Local\Temp\New Order List.exe"
    1⤵
      PID:4844
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4844 -s 1452
        2⤵
        • Program crash
        PID:4264
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 4844 -ip 4844
      1⤵
        PID:5012

Network

MITRE ATT&CK Matrix ATT&CK v6

  • Command and Control
    Web Service
    1
    T1102
