f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01

Analysis

max time kernel
41s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02/10/2022, 15:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
Size

78KB
MD5

5b873187f265205f1ea4f00a7467104d
SHA1

55172fea8f2fe582d0e9370b22fea6f2c036833d
SHA256

f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01
SHA512

9774306e2e911365d56a3ae67fa70dc1dfff6cbe00154a23bf4b4189d92646d42e4ef4410854b98c3296ff4b3d5c857ce22b7a937ca9edf2e2dd7f567f38bc09
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzC1rqBfiC:lV2BZVPlFlnxClFvLLcA+sPDzQCT

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\NmiXuZkOH.com	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe

Drops file in Windows directory 16 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\DAoC(codes).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\Doom 3 codes.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Counter-Strike_trainer.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_trainer.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\BattleField 1942 codes.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Half-Life 2(serial).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2(serial).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\BattleField 1942 + trainer.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Half-Life 2 nocd.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\FlatOut(cheat).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Sims 2 + cheat.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\FlatOut(cheat).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\DAoC(codes).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 + trainer.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Doom 3(cheat).exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
File created	C:\Windows\win32dc\Doom 3 codes.exe	f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe

C:\Users\Admin\AppData\Local\Temp\f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe
"C:\Users\Admin\AppData\Local\Temp\f1220b88ece6cdb9ebcb389ec41c5585c6c6c13c8022a944c6767b8f5390fb01.exe"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2016-54-0x0000000075661000-0x0000000075663000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads