dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3

Analysis

max time kernel
91s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 14:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
Size

139KB
MD5

90a6d016326b6d6574bdb2d5b22bfc30
SHA1

d3fefda683ca42f9bbb0b86a679ed07c80e84aef
SHA256

dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3
SHA512

66fa4b20348043cd415b45c96ac0dd12ecfe4b5a832e8f1fb63959f954c36258ffa7d0dfceb88e0d65fed7745607ccf6fc93e6268be2d61440e844a30baacf47
SSDEEP

3072:lV2BZVPlFlnxClFvLLcxr+sPDzAzsIGwtiivo8Xuc3O2uBQZy7LT/es037:bQrNFxwjwr+UAzmwtiivo8XVfCQZcGsm

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 19 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Half-Life 2(cheat).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Sims 2(hack).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\BattleField 1942 + crack.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\UT2004(cheat).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 + crack.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_serial.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\BattleField 1942(codes).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\Sims 2(cdfix).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Sims 2 + nocd.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\Sims 2 + nocd.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\Sims 2 + codes.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Counter-Strike_serial.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Half-Life 2(cheat).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(codes).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\UT2004(cheat).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Sims 2 + codes.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Counter-Strike crack.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike crack.exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
File created	C:\Windows\win32dc\Sims 2(cdfix).exe	dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3656	4904	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe
"C:\Users\Admin\AppData\Local\Temp\dbdf20f5a1ee1ff1098d12045521aa550ae7a09c8a152369c5f60e51f89f9de3.exe"
1⤵
- Drops file in Windows directory
PID:4904
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4904 -s 544
  2⤵
  - Program crash
  PID:3656

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4904 -ip 4904
1⤵
PID:2416

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads