02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7

Analysis

max time kernel
184s
max time network
191s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
20/10/2022, 01:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
Size

80KB
MD5

a22b68d662e9641f0782da6553aa4de2
SHA1

a258667cd7f42b0356631266cd31da2c5c70dd85
SHA256

02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7
SHA512

296ffed742d5e6df95bf2402365b9b45f4f417cda5474fcab0b041a80f78667d5cf9fadcd1868252512e1427319e5d8cbab40dbf810c156ff43465bc9649721c
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzhagu1xhvWOIZES:lV2BZVPlFlnxClFvLLcA+sPDzhagWgZ/

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 20 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Quake3 nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Quake3_patch.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Sims 2_cdfix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_cheat.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 + fix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Quake3(crack).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4_nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Sims 2_cdfix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\BattleField 1942 + fix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Sims 2 + fix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Quake3 nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Quake3_patch.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Counter-Strike_cheat.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Quake3(crack).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\sYunhxu.com	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942_crack.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\BattleField 1942_crack.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File opened for modification	C:\Windows\win32dc\Sims 2 + fix.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Doom 3(cheat).exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
File created	C:\Windows\win32dc\Silent Hill 4_nocd.exe	02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe

C:\Users\Admin\AppData\Local\Temp\02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe
"C:\Users\Admin\AppData\Local\Temp\02cf20a0ae432d3b1b0d36da3982e051ad791ca943aac4dbda96f4e464d852b7.exe"
1⤵
- Drops file in Windows directory
PID:2768

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads