Overview

overview

8

Static

static

8aad45af91...c9.exe

windows7-x64

8

8aad45af91...c9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    30s
  • max time network
    58s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-10-2022 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8aad45af9160c2ca8bd362c31dd37bf109766a96a9cacecb1aa848ce5d85f7c9.exe

  • Size

    255KB

  • MD5

    e3fa0d3cca9be11d133a560602deb27c

  • SHA1

    fbb90eb23a4457c24dbbcd05ee500ba2688e606a

  • SHA256

    8aad45af9160c2ca8bd362c31dd37bf109766a96a9cacecb1aa848ce5d85f7c9

  • SHA512

    aff7733b9493edac158329663df337cc6a7ee9c7c8b8630cc15d4c3d7d7dfaca64472480dc6d8f743b117cb5cf369c7f6e2d1b95efae63d94a25d4116080ee6b

  • SSDEEP

    3072:H8Lrufos9CJ3VqDH32GhNvozescJepkvAvOoRKONOG1:sB4L2GhN7ZkkvAvOoRK

Score
8/10
evasion

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\8aad45af9160c2ca8bd362c31dd37bf109766a96a9cacecb1aa848ce5d85f7c9.exe
    "C:\Users\Admin\AppData\Local\Temp\8aad45af9160c2ca8bd362c31dd37bf109766a96a9cacecb1aa848ce5d85f7c9.exe"
    1⤵
      PID:4508
      • C:\Users\Admin\AppData\Local\Temp\Trojan.exe
        "C:\Users\Admin\AppData\Local\Temp\Trojan.exe"
        2⤵
          PID:532
          • C:\Windows\SYSTEM32\netsh.exe
            netsh firewall add allowedprogram "C:\Users\Admin\AppData\Local\Temp\Trojan.exe" "Trojan.exe" ENABLE
            3⤵
            • Modifies Windows Firewall
            PID:4760

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\Trojan.exe
        Filesize

        18KB

        MD5

        2000a79c9b494bc08c9d7d643847ceb0

        SHA1

        48f607779b3f258473c7298633bfd72a8558ad07

        SHA256

        8495470ac059f8d1772a6b89a6b56a704bc97666f8f9fee121dd477bde7ab83a

        SHA512

        af92415b890a7a1cfdeed314d15bf0cd61d6c465148d56325fe9050d3e592520a832daee08c6f78711ad38cb01b9c4fe485eaabb4e3b5ed962a010e821a359b1

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\Trojan.exe
        Filesize

        25KB

        MD5

        83605429da541462328690edeeef4376

        SHA1

        9f7ea4e0a7d5d15660eef49041c3ccb699fde3cd

        SHA256

        ef003611616712c311d779c8c8dc3d2a0a9d48a8572671c9d9bd98dbf517628e

        SHA512

        d7a410dce1327b810f84ead5184032a1195edb6fe0d9141d9b97f2feba7a7881599ed68f12ba9bd07260f66aff4f825e2b44dfed996240280b771a18be3f0e18

        Download Submit

      • memory/532-136-0x00007FFFDC8F0000-0x00007FFFDD326000-memory.dmp

        Filesize

        10.2MB

        Download

      • memory/4508-132-0x00007FFFDC8F0000-0x00007FFFDD326000-memory.dmp

        Filesize

        10.2MB

        Download