Analysis
-
max time kernel
2s -
max time network
93s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
30-06-2022 19:26
General
-
Target
REVISE ORDER.exe
-
Size
804KB
-
MD5
cf41831924a9e271522a59b8cfa7e9bc
-
SHA1
624d9d1ff349e8fddfb93dfb277c3f93d20cd625
-
SHA256
069f0dc72189e7faf5278aabd6ba9f53c386023f9d7d8ab863896e43f6a4e456
-
SHA512
562e01c7c9d935cab4b980407dc8955316bfd3acc61db304ab06df6e37dcccf9d77f0fb5c6907f4dfde751a5b4635879d1a34e7bb119fba0e1e32fd2abb6dedd
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
Processes
-
C:\Users\Admin\AppData\Local\Temp\REVISE ORDER.exe"C:\Users\Admin\AppData\Local\Temp\REVISE ORDER.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1632-54-0x0000000000D60000-0x0000000000E30000-memory.dmpFilesize
832KB
-
memory/1632-55-0x0000000006EC0000-0x0000000006F6A000-memory.dmpFilesize
680KB
-
memory/1632-56-0x0000000074DE1000-0x0000000074DE3000-memory.dmpFilesize
8KB