6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90

Analysis

max time kernel
170s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
30/10/2022, 14:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
Size

83KB
MD5

9378605f99dfd9a4aee3edddb816c3b4
SHA1

6335dc68f7a50396e70e591622ded173f6076ded
SHA256

6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90
SHA512

f90266b03e0efb8e3744eb2568d2dcaad6071ee2d4aa894d8f2150d8c7f4b342f9c1fd4e07ea10d972a345830957a18eddc6e2d99a4f399c9fdbc47fbca7d771
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzCBgLg1ZQgDVVLbqyE:lV2BZVPlFlnxClFvLLcA+sPDzABogDVM

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 16 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Silent Hill 4 + hack.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\Sims 2_hack.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\DAoC + trainer.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\DAoC + trainer.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\Silent Hill 4(nocd).exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\FlatOut + serial.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\Doom 3 trainer.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\DAoC(cdfix).exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\Sims 2_hack.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\BattleField 1942_fix.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\Doom 3 trainer.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\FlatOut_crack.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\FlatOut_crack.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\DAoC(cdfix).exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File created	C:\Windows\win32dc\Half-Life 2 + codes.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 + codes.exe	6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe

C:\Users\Admin\AppData\Local\Temp\6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe
"C:\Users\Admin\AppData\Local\Temp\6b558664f4e2c183c08adb1303cfc1af27e20fbfbebe0f40c77593c47a8f3c90.exe"
1⤵
- Drops file in Windows directory
PID:1116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1116-54-0x0000000076031000-0x0000000076033000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads