02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7

Analysis

max time kernel
43s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
20/10/2022, 01:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
Size

80KB
MD5

a22b68d662e9641f0782da6553aa4de2
SHA1

a258667cd7f42b0356631266cd31da2c5c70dd85
SHA256

02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7
SHA512

296ffed742d5e6df95bf2402365b9b45f4f417cda5474fcab0b041a80f78667d5cf9fadcd1868252512e1427319e5d8cbab40dbf810c156ff43465bc9649721c
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzhagu1xhvWOIZES:lV2BZVPlFlnxClFvLLcA+sPDzhagWgZ/

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\KUezgGt.com	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe

Drops file in Windows directory 17 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\UT2004(hack).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(codes).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\UT2004_patch.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Half-Life 2_trainer.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Half-Life 2 fix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Doom 3 trainer.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Doom 3 trainer.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\DAoC + crack.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2_trainer.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Sims 2(cdfix).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Sims 2(cdfix).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\DAoC + crack.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\UT2004(hack).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\BattleField 1942(codes).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\UT2004_patch.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\BattleField 1942 nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe

C:\Users\Admin\AppData\Local\Temp\02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
"C:\Users\Admin\AppData\Local\Temp\02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
PID:1092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1092-54-0x0000000074C91000-0x0000000074C93000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads