Overview

overview

10

Static

static

021a38e142...3c.exe

windows7_x64

10

021a38e142...3c.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    0s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23-05-2022 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe

  • Size

    235KB

  • MD5

    30f01fd9b8165d8070ae5c28efda32ab

  • SHA1

    5d9edd1f5333c924a0b2a47b0a70b56d4994520c

  • SHA256

    021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

  • SHA512

    28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

Score
10/10
suricata

Malware Config

Signatures

  • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    suricata

Processes

  • C:\Users\Admin\AppData\Local\Temp\021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe
    "C:\Users\Admin\AppData\Local\Temp\021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe"
    1⤵
      PID:1452
      • C:\Windows\3807569515906777\winylkb.exe
        C:\Windows\3807569515906777\winylkb.exe
        2⤵
          PID:1504

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Windows\3807569515906777\winylkb.exe
        Filesize

        235KB

        MD5

        30f01fd9b8165d8070ae5c28efda32ab

        SHA1

        5d9edd1f5333c924a0b2a47b0a70b56d4994520c

        SHA256

        021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

        SHA512

        28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

        Download Submit
      • C:\Windows\3807569515906777\winylkb.exe
        Filesize

        235KB

        MD5

        30f01fd9b8165d8070ae5c28efda32ab

        SHA1

        5d9edd1f5333c924a0b2a47b0a70b56d4994520c

        SHA256

        021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

        SHA512

        28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

        Download Submit
      • \Windows\3807569515906777\winylkb.exe
        Filesize

        235KB

        MD5

        30f01fd9b8165d8070ae5c28efda32ab

        SHA1

        5d9edd1f5333c924a0b2a47b0a70b56d4994520c

        SHA256

        021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

        SHA512

        28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

        Download Submit
      • \Windows\3807569515906777\winylkb.exe
        Filesize

        235KB

        MD5

        30f01fd9b8165d8070ae5c28efda32ab

        SHA1

        5d9edd1f5333c924a0b2a47b0a70b56d4994520c

        SHA256

        021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

        SHA512

        28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

        Download Submit
      • memory/1452-54-0x0000000000D93000-0x0000000000D9A000-memory.dmp
        Filesize

        28KB

        Download
      • memory/1452-55-0x0000000075EF1000-0x0000000075EF3000-memory.dmp
        Filesize

        8KB

        Download
      • memory/1452-56-0x0000000000D93000-0x0000000000D9A000-memory.dmp
        Filesize

        28KB

        Download
      • memory/1452-57-0x0000000000400000-0x0000000000C42000-memory.dmp
        Filesize

        8.3MB

        Download
      • memory/1504-60-0x0000000000000000-mapping.dmp
        Download
      • memory/1504-62-0x0000000000D13000-0x0000000000D1A000-memory.dmp
        Filesize

        28KB

        Download
      • memory/1504-64-0x0000000000D13000-0x0000000000D1A000-memory.dmp
        Filesize

        28KB

        Download
      • memory/1504-65-0x0000000000400000-0x0000000000C42000-memory.dmp
        Filesize

        8.3MB

        Download