Analysis Overview
SHA256
411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab
Threat Level: Known bad
The file 411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab was found to be: Known bad.
Malicious Activity Summary
Blackcat family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-10-03 19:16
Signatures
Blackcat family
Analysis: behavioral1
Detonation Overview
Submitted
2022-10-03 19:16
Reported
2022-10-03 19:19
Platform
win7-20220812-en
Max time kernel
24s
Max time network
45s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab.exe
"C:\Users\Admin\AppData\Local\Temp\411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab.exe"
Network
Files
memory/860-54-0x0000000075071000-0x0000000075073000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-10-03 19:16
Reported
2022-10-03 19:19
Platform
win10v2004-20220812-en
Max time kernel
124s
Max time network
147s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab.exe
"C:\Users\Admin\AppData\Local\Temp\411cc3a5c9db2e736109603a415d12e5b8bfc84ab6fc5e5edf1ce98aafd004ab.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | f.7.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa | udp |
| NL | 87.248.202.1:80 | | tcp |
| GB | 51.132.193.104:443 | | tcp |
| IE | 212.82.100.137:80 | | tcp |
| NL | 87.248.202.1:80 | | tcp |
| NL | 87.248.202.1:80 | | tcp |
| US | 8.247.210.254:80 | | tcp |