Analysis
max time kernel: 9s
max time network: 47s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 20-10-2022 18:14
Behavioral task: behavioral1
Sample: 7b053904ed56dcd4057ecec938d93be1b496afedc6e816f048140e554068dfae.exe
Resource: win7-20220812-en (windows7-x64)
3 signatures, 150 seconds
Behavioral task: behavioral2
Sample: 7b053904ed56dcd4057ecec938d93be1b496afedc6e816f048140e554068dfae.exe
Resource: win10v2004-20220812-en (windows10-2004-x64)
3 signatures, 150 seconds
General
Target: 7b053904ed56dcd4057ecec938d93be1b496afedc6e816f048140e554068dfae.exe
Size: 92KB
MD5: a0445f26f5be3d0020aa93320378b930
SHA1: 4077bfb4c93485b9d279a12e0cc0384dbc2ecb94
SHA256: 7b053904ed56dcd4057ecec938d93be1b496afedc6e816f048140e554068dfae
SHA512: 42fa0a6ed35e5d973aca1ba6f256cc4526342cdfcfea22cadfaa4ca36c13f911ceac829eca53fdedc4a03fd7d3bdf593c090ef7de9544df491b830536ba5de9b
SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSxNHPkTGmjA8Yd8I7B8FbV2:5JjcF8KfCOcjk+guPVjSx010t8l9V2
Score: 8/10
Malware Config
Signatures
resource | yara_rule
behavioral1/memory/1636-54-0x0000000000400000-0x0000000000467000-memory.dmp | upx
behavioral1/memory/1636-55-0x0000000000400000-0x0000000000467000-memory.dmp | upx
Adds Run key to start application (2 TTPs, 1 IoCs)
description: Set value (str)
ioc: \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
Process: 7b053904ed56dcd4057ecec938d93be1b496afedc6e816f048140e554068dfae.exe
Drops file in System32 directory 33 IoCs