6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf | Triage

Analysis

max time kernel
48s
max time network
135s
platform
windows7_x64
resource
win7-20220414-en
submitted
25-06-2022 06:45

Sharing

Report Analysis Logs

General

Target

6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf.exe
Size

25KB
MD5

f5f24f1f12f570fbc6c2322dbb791765
SHA1

037725c071e9f0de3648cf8cdbe69bb9ebdeda57
SHA256

6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf
SHA512

0d8e6391960c53345ea4bbc68bfb4410a8fa588b11bb463783663b5105f91afa9612b03ad50bd84b48c4e23133d0a27025ed5665e1cc76d7ad3722c306dbade7

Score

6^/10

Malware Config

Signatures

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
3	api.ipify.org

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1728	6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf.exe

C:\Users\Admin\AppData\Local\Temp\6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf.exe
"C:\Users\Admin\AppData\Local\Temp\6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1728-54-0x0000000075381000-0x0000000075383000-memory.dmp

Filesize
8KB

Download