0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85

Analysis

max time kernel
3s
max time network
40s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
30-06-2022 19:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe
Size

354KB
MD5

3a79ab637f283d9f5c69ceb7237ebcfb
SHA1

6c79951dff87f8e102571a49c2d7ac7621321d97
SHA256

0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85
SHA512

e550d50b0d3b78e3b655e02e70f00f08573a89138b86abb98c3a848f149d98cf49f62fd01aeb836f55dc7a05f72fa7dc4d6b22dad7d4c893b88622f6f6167d05

Score

1^/10

Malware Config

Signatures

Runs ping.exe 1 TTPs 1 IoCs

Remote System Discovery

T1018

pid	Process
2896	PING.EXE

C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe
"C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe"
1⤵
PID:2664
- C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe
  "C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe"
  2⤵
  PID:5012
- - C:\Windows\SysWOW64\Taskmgr.exe
    "C:\Windows\System32\Taskmgr.exe"
    3⤵
    PID:3684
- C:\Windows\SysWOW64\cmd.exe
  "C:\Windows\System32\cmd.exe" /C ping 1.1.1.1 -n 1 -w 1000 > Nul & Del "C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe"
  2⤵
  PID:4104

C:\Windows\SysWOW64\PING.EXE
ping 1.1.1.1 -n 1 -w 1000
1⤵
- Runs ping.exe
PID:2896

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

T1018

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe

Filesize
8KB

MD5
070406159ea2c2490372f28c8bc25a3b

SHA1
ca8c7714ff9824739588e70689e7d8675fdbfac6

SHA256
3d4e6e5ad9815869bc7fe8de5dfb406a9ddd024746828100663045951b21c4cd

SHA512
3431637ea8959bef6c699674e21fcc29e67d249e6eeb0e26b7c3aa3794fef791354b7d3f25effe7115a6eae13f764164a7979ba0e09b6c8fac907ae1ad73ac11

Download Submit
C:\Users\Admin\AppData\Local\Temp\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85\0e44d2322791910c8753f89a387dfa576c6bda0c73b5bd62ca689cf10ca96c85.exe

Filesize
10KB

MD5
1a549da74af5f914bd4110a2d1c832ca

SHA1
360fbaa68946e1bac4b8184ced40e4b04c7c5af7

SHA256
6e6c701affb441a99164b0f87605749e182c260db7101d69bed614be267b6b11

SHA512
ef60bf2a4404699bcdbfcc24acbf473470820fa369df3164b4815c3fdc3f75ccd8b200acc6d816b1d39c683967fe485a89d7fcd7fad4a33daba8c0d966e5aff6

Download Submit
memory/2664-130-0x00000000748F0000-0x0000000074EA1000-memory.dmp

Filesize
5.7MB

Download
memory/2664-138-0x00000000748F0000-0x0000000074EA1000-memory.dmp

Filesize
5.7MB

Download
memory/5012-134-0x00000000748F0000-0x0000000074EA1000-memory.dmp

Filesize
5.7MB

Download