Analysis

  • max time kernel
    45s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23-05-2022 21:35

General

  • Target

    4b0ea56eed352ef01b206f2786a7f1ae15bf80ad34d5d22fe4a062476ecc90ff.exe

  • Size

    2MB

  • MD5

    85b670f8b603b4e98b4f98b768fe4f51

  • SHA1

    0af8e83b6c7ee37f6a8d6072d3f946b4d44961c9

  • SHA256

    4b0ea56eed352ef01b206f2786a7f1ae15bf80ad34d5d22fe4a062476ecc90ff

  • SHA512

    028e7c9f72add20234f1354fc619a1e3f29c6e78157c7b96dd6b20c8ebb8e895b5bc25280dca13a5499fe1020e57e903050638dad13f2263b14a440913295528

Score
9/10

Malware Config

Signatures

  • Contacts a large (6365) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • GoLang User-Agent 3 IoCs

    Uses default user-agent string defined by GoLang HTTP packages.

Processes

  • C:\Users\Admin\AppData\Local\Temp\4b0ea56eed352ef01b206f2786a7f1ae15bf80ad34d5d22fe4a062476ecc90ff.exe
    "C:\Users\Admin\AppData\Local\Temp\4b0ea56eed352ef01b206f2786a7f1ae15bf80ad34d5d22fe4a062476ecc90ff.exe"
      PID:1464

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Discovery

    Network Service Scanning

    2
    T1046
