55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d | Triage

Analysis

max time kernel
157s
max time network
170s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
25-07-2022 06:17

Sharing

Report Analysis Logs

General

Target

55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d.exe
Size

345KB
MD5

2b1b14d381604aec54a2dcaf6492e55d
SHA1

c9996952fd0826a5657a68658b3151fa010f5dac
SHA256

55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d
SHA512

f052f047dce8744be036a9c8e1e348ac3b579875db041ceded0d446508a2e6b61eae64fbc8a782f6d60194dce98181edbc37799fd3275511a12d32ae46a4c247

Score

10^/10

suricata

Malware Config

Signatures

suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
suricata
Drops file in Windows directory 1 IoCs

Processes:

55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d.exe

description ioc process

File created C:\Windows\Tasks\HealthTech.job 55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d.exe

C:\Users\Admin\AppData\Local\Temp\55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d.exe
"C:\Users\Admin\AppData\Local\Temp\55f7a3dc8264e0089dd02e092c31f5bcd943435bb8ce1f5908decf82e6402b2d.exe"
1⤵
- Drops file in Windows directory
PID:1592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1592-130-0x0000000001A50000-0x0000000001A7F000-memory.dmp

Filesize
188KB

Download