56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f | Triage

Analysis

max time kernel
144s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
25-07-2022 01:42

Sharing

Report Analysis Logs

General

Target

56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f.exe
Size

283KB
MD5

5497cdf4e3d8f2c269fea75278df88a7
SHA1

43bad30d7a6e008cbf45da9b8b62dc051bba65d6
SHA256

56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f
SHA512

7a0494b9a15e119f5a708156f905745b88802a8b81fab4528bdc4b17c77638523f9d80ac448ba5075b6bb4bbc0500cea4beab3c9df72e3a082e3de798133042a

Score

10^/10

suricata

Malware Config

Signatures

suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata
Drops file in Windows directory 1 IoCs

Processes:

56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f.exe

description ioc process

File created C:\Windows\Tasks\PocketSheets.job 56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f.exe

C:\Users\Admin\AppData\Local\Temp\56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f.exe
"C:\Users\Admin\AppData\Local\Temp\56c93f4883f3c77f61714c35103a8730f346c5abe803178d9571089d5046bc5f.exe"
1⤵
- Drops file in Windows directory
PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2220-130-0x00000000008F0000-0x000000000091F000-memory.dmp

Filesize
188KB

Download