Overview

overview

10

Static

static

021a38e142...3c.exe

windows7_x64

10

021a38e142...3c.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    1s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    23-05-2022 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe

  • Size

    235KB

  • MD5

    30f01fd9b8165d8070ae5c28efda32ab

  • SHA1

    5d9edd1f5333c924a0b2a47b0a70b56d4994520c

  • SHA256

    021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

  • SHA512

    28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

Score
10/10
suricata

Malware Config

Signatures

  • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    suricata
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe
    "C:\Users\Admin\AppData\Local\Temp\021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c.exe"
    1⤵
      PID:1752
      • C:\Windows\17651032116876391\winsgdp.exe
        C:\Windows\17651032116876391\winsgdp.exe
        2⤵
          PID:4800
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 1752 -s 580
          2⤵
          • Program crash
          PID:5104
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1752 -ip 1752
        1⤵
          PID:4496

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\17651032116876391\winsgdp.exe
          Filesize

          235KB

          MD5

          30f01fd9b8165d8070ae5c28efda32ab

          SHA1

          5d9edd1f5333c924a0b2a47b0a70b56d4994520c

          SHA256

          021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

          SHA512

          28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

          Download Submit
        • C:\Windows\17651032116876391\winsgdp.exe
          Filesize

          235KB

          MD5

          30f01fd9b8165d8070ae5c28efda32ab

          SHA1

          5d9edd1f5333c924a0b2a47b0a70b56d4994520c

          SHA256

          021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c

          SHA512

          28fc01bee8d75d7214a74f07c29ce520e90f47be1e0835118306d1e4bf21be2da560e90851fec8518ebd3fb6048703683275f227038943a0418dfc1e4986a0ed

          Download Submit
        • memory/1752-130-0x0000000000E90000-0x0000000000E98000-memory.dmp
          Filesize

          32KB

          Download
        • memory/1752-131-0x0000000000E90000-0x0000000000E98000-memory.dmp
          Filesize

          32KB

          Download
        • memory/1752-132-0x0000000000400000-0x0000000000C42000-memory.dmp
          Filesize

          8.3MB

          Download
        • memory/4800-133-0x0000000000000000-mapping.dmp
          Download
        • memory/4800-136-0x0000000000CD0000-0x0000000000CD7000-memory.dmp
          Filesize

          28KB

          Download
        • memory/4800-138-0x0000000000400000-0x0000000000C42000-memory.dmp
          Filesize

          8.3MB

          Download
        • memory/4800-137-0x0000000000CD0000-0x0000000000CD7000-memory.dmp
          Filesize

          28KB

          Download