fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d

Analysis

max time kernel
24s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
11-10-2022 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
Size

74KB
MD5

787c3a50bd5f69009157e7225e316183
SHA1

ba442299ce4d10dfc98368c79d91544edc310202
SHA256

fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d
SHA512

549abcf0fa4b9f4b03d80b4511a97fba2e6bd5952a41877334c196ef440ab8dd38ee78f2306918c1e92a4c8830634d0e94799020ac1ed84fd601804691a26acc
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDz7upR+p:lV2BZVPlFlnxClFvLLcA+sPDz7uY

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 16 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\BattleField 1942(cdfix).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\UT2004_cdfix.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\Quake3 + trainer.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Half-Life 2(hack).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Sims 2(codes).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(cdfix).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Quake3 + trainer.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\Doom 3(serial).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Counter-Strike(hack).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2(hack).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike(hack).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\DAoC patch.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File opened for modification	C:\Windows\win32dc\DAoC patch.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Half-Life 2_codes.exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Counter-Strike(cdfix).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
File created	C:\Windows\win32dc\Doom 3(serial).exe	fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe

C:\Users\Admin\AppData\Local\Temp\fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe
"C:\Users\Admin\AppData\Local\Temp\fad142fb28db0680bf9902bd33ddd25f0c851cb2caa7bde274e3211a373d396d.exe"
1⤵
- Drops file in Windows directory
PID:548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/548-54-0x0000000076171000-0x0000000076173000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads