Overview

overview

10

Static

static

80a633c159...1d.exe

windows7-x64

10

80a633c159...1d.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    3s
  • max time network
    98s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2022 21:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    80a633c15926e0a6dc3f3c81e630482c98d9da8974a7286f2a421e3a63c1111d.exe

  • Size

    5.4MB

  • MD5

    91e9402910f2c4fc5826a2eb38debae3

  • SHA1

    ce097a3cd07a0191a27539c4ec964c0ccb78c60d

  • SHA256

    80a633c15926e0a6dc3f3c81e630482c98d9da8974a7286f2a421e3a63c1111d

  • SHA512

    3b62914a36911bd74bf65c5b2a6e027e75a1df994ee7c092b927a831fa5daaf1a8ff6fe522c5cf199696144e89bbc147963a2418e3a5a12e6dd8d16de300bc0d

  • SSDEEP

    98304:n3K9cScv//PoIKHwnVA5d37Q6mjg69TBjIIj1XjEA6RTa5380CHPGWzH:n3UcNPOOVA5hQ6AX9TtHjEpRuKLvhz

Score
10/10
rmsrattrojan

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\80a633c15926e0a6dc3f3c81e630482c98d9da8974a7286f2a421e3a63c1111d.exe
    "C:\Users\Admin\AppData\Local\Temp\80a633c15926e0a6dc3f3c81e630482c98d9da8974a7286f2a421e3a63c1111d.exe"
    1⤵
      PID:2020
      • C:\Windows\SysWOW64\cmd.exe
        cmd /c ""C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\install.cmd" "
        2⤵
          PID:936
          • C:\Windows\SysWOW64\chcp.com
            chcp 1251
            3⤵
              PID:1308
            • C:\Windows\SysWOW64\msiexec.exe
              MsiExec /x {61FFA475-24D5-44FB-A51F-39B699E3D82C} /passive REBOOT=ReallySuppress
              3⤵
                PID:1696
              • C:\Windows\SysWOW64\msiexec.exe
                MsiExec /x {11A90858-40BB-4858-A2DA-CA6495B5E907} /passive REBOOT=ReallySuppress
                3⤵
                  PID:520
                • C:\Windows\SysWOW64\PING.EXE
                  ping 127.0.0.1
                  3⤵
                  • Runs ping.exe
                  PID:1312
                • C:\Windows\SysWOW64\msiexec.exe
                  MsiExec /I "rms.server5.1b1ru.msi" /qn
                  3⤵
                    PID:1536
              • C:\Windows\system32\msiexec.exe
                C:\Windows\system32\msiexec.exe /V
                1⤵
                  PID:1076

                Network

                MITRE ATT&CK Enterprise v6

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\install.cmd
                  Filesize

                  236B

                  MD5

                  6d782d2c99166fade652704ff59b554d

                  SHA1

                  6e43d82f0a3afc839170a4991a38d3dd9b9ecf77

                  SHA256

                  605e0fc37f7da4660da29145783c85fbac70cb9033c6f2e05deea48361760591

                  SHA512

                  016bc4783d3a1bc499e18b762ea3dc551b5669f580cf63227388b9d3b6ea79512bae3e69bb31cd20017200cef97982a7476c9cd8a54cf718cac59f1f4dd7da87

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\rms.server5.1b1ru.msi
                  Filesize

                  20KB

                  MD5

                  3832831ac56367f8039bde9d83436c75

                  SHA1

                  b34ef0d3f2528e26da7ae263b6d18b57be6c1b64

                  SHA256

                  8ead4c20317d1b04a57f47aabc8f276d9f02d41b4182d2fb1bd914fc297b10e0

                  SHA512

                  bc115319572d94cdc3319e2f4771fe72c4e046c5f347991d7a23b3eccb9a188bf624eb8f40b49bcaee41dcb2dfc7cd59a1ec58d8bf1a92d3da8078145cd7629f

                  Download Submit

                • memory/1076-60-0x000007FEFC2C1000-0x000007FEFC2C3000-memory.dmp

                  Filesize

                  8KB

                  Download

                • memory/2020-54-0x00000000756B1000-0x00000000756B3000-memory.dmp

                  Filesize

                  8KB

                  Download