Analysis
max time kernel: 91s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19/10/2022, 19:08
Behavioral task: behavioral1
Sample: 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d.exe
Resource: win7-20220812-en
3 signatures, 150 seconds

Behavioral task: behavioral2
Sample: 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d.exe
Resource: win10v2004-20220812-en
3 signatures, 150 seconds
General
Target: 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d.exe
Size: 84KB
MD5: a151fe6d3f1ee43700b1667b8de50030
SHA1: b511bc2fa947b41c2548fc2f23fc9b8dd053b894
SHA256: 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d
SHA512: 35cd7c90b0bbb29b1f60799fb60e0d7ec075e2f85ec530c270430fa005fd988883b5d4f44359765ab38c97ae143c09bcb91fb97bdba9d89fb337c512f0500e59
SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSV8AEDuU4fADArN4:5JjcF8KfCOcjk+guPVjSVtEDu5fADArq
Score: 8/10
Malware Config
Signatures
yara_rule matches (rule: upx)
  behavioral2/memory/3068-132-0x0000000000400000-0x0000000000467000-memory.dmp
  behavioral2/memory/3068-133-0x0000000000400000-0x0000000000467000-memory.dmp
Adds Run key to start application (2 TTPs, 1 IoC)
description: Set value (str)
ioc: \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
process: 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d.exe
Drops file in System32 directory (33 IoCs)
description: File created
process (all entries): 2b37c48abd7b9aa366d298bd623b8ac59a599bc321e4d97cc5ed11b359abb50d.exe
ioc:
  C:\Windows\SysWOW64\macromd\hotmailhacker.exe
  C:\Windows\SysWOW64\macromd\hot girl on the beach sucking cock and fucking guy.mpg.exe
  C:\Windows\SysWOW64\macromd\Two girls - Blonde and Brunette - Giving head.exe
  C:\Windows\SysWOW64\macromd\babes with an assortment of delicious big juggs.mpg.pif
  C:\Windows\SysWOW64\macromd\Another bang bus victim forced rape sex cum.mpg.exe
  C:\Windows\SysWOW64\macromd\tiny little virgin showing off her cherry pussy.mpg.pif
  C:\Windows\SysWOW64\macromd\babe locking lips around her man's rod in backyard.mpg.pif
  C:\Windows\SysWOW64\macromd\two busty sluts fucked in bathroom.mpg.pif
  C:\Windows\SysWOW64\macromd\wife in kitchen preparing hot pussy for hubby's dinner.mpg.pif
  C:\Windows\SysWOW64\macromd\hardcored blonde mature.mpg.pif
  C:\Windows\SysWOW64\macromd\head rooster pimping hot little tender ass chickens.mpg.pif
  C:\Windows\SysWOW64\macromd\hot mature blonde in stockings.mpg.pif
  C:\Windows\SysWOW64\macromd\Counter Strike CD Keygen.exe
  C:\Windows\SysWOW64\macromd\chubby girl bukkake gang banged sucking cock.mpg.pif
  C:\Windows\SysWOW64\macromd\horny teen waking up with her pink pussy spread.mpg.pif
  C:\Windows\SysWOW64\macromd\cute teen fingering herself on the sofa.mpg.pif
  C:\Windows\SysWOW64\macromd\blonde showing her pussy to her neighbor.mpg.pif
  C:\Windows\SysWOW64\macromd\older blonde showing she has the goods.mpg.pif
  C:\Windows\SysWOW64\macromd\2 horny babes doing 1 lucky dude.mpg.pif
  C:\Windows\SysWOW64\macromd\15 year old webcam.mpg.pif
  C:\Windows\SysWOW64\macromd\dude getting burned out trying to fuck 2 hot babes.mpg.pif
  C:\Windows\SysWOW64\macromd\Hotmail Hacker.exe
  C:\Windows\SysWOW64\macromd\Website Hacker.exe
  C:\Windows\SysWOW64\macromd\cute honie spreading flawless ass and juicy twat.mpg.pif
  C:\Windows\SysWOW64\macromd\dude getting off in lover's mouth at party.mpg.pif
  C:\Windows\SysWOW64\macromd\twin sisters tag teaming neighbors cock.mpg.pif
  C:\Windows\SysWOW64\macromd\chubby girl fucked from all angles xxx.exe
  C:\Windows\SysWOW64\macromd\15 year old on beach.mpg.exe
  C:\Windows\SysWOW64\macromd\AIM Flooder.exe
  C:\Windows\SysWOW64\macromd\Britney spears nude.exe
  C:\Windows\SysWOW64\macromd\Jenna Jamison Dildo Humping.exe
  C:\Windows\SysWOW64\macromd\fun slut who let dude eat her off in jacuzzi.mpg.pif
  C:\Windows\SysWOW64\winxcfg.exe