574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4 | Triage

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
24-07-2022 23:42

Sharing

Report Analysis Logs

General

Target

574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4.exe
Size

296KB
MD5

3b631a3c34fbd7e1a670dd0730cf5fff
SHA1

8a01aece067896f3a23dd3fe7f9fb2cc3ba7b969
SHA256

574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4
SHA512

6f589ddf8d7d7ac657cc3ea4c423356d8afb91a932432c2b889233a4e15d499b547958d10c9b767e9d4f4061d0072f10608f2d758effe93738318e850f44945a

Score

10^/10

suricata

Malware Config

Signatures

suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata
Drops file in Windows directory 1 IoCs

Processes:

574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4.exe

description ioc process

File created C:\Windows\Tasks\FileReserve.job 574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4.exe

C:\Users\Admin\AppData\Local\Temp\574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4.exe
"C:\Users\Admin\AppData\Local\Temp\574a56e5a78a92eb1923a36e1a88d12853b7befa5bb993b0fe514116b2f3f4e4.exe"
1⤵
- Drops file in Windows directory
PID:1276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1276-130-0x0000000000900000-0x000000000092F000-memory.dmp

Filesize
188KB

Download