56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2

Analysis

max time kernel
198s
max time network
185s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
06/11/2022, 11:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
Size

80KB
MD5

0a3c24a6dc23b5879d8d22d96d990981
SHA1

eff51daed4baaf30bfd19505087aee1acf52f911
SHA256

56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2
SHA512

d89bf8c1a4c4ba6c1974ee21213393ee74534405f1829dc3777557da37444b858ee1386e7654493f1b85bd6558582c733c41931f5482897c4b73984c8fc12e2b
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzzLEIRfT:lV2BZVPlFlnxClFvLLcA+sPDzzLEIRfT

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Quake3_hack.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Counter-Strike(fix).exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\Quake3_codes.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\Quake3_trainer.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\BattleField 1942 + serial.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Sims 2(trainer).exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\Sims 2_nocd.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 codes.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Quake3_codes.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\UT2004 crack.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Silent Hill 4 codes.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Quake3_hack.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Sims 2_nocd.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\UT2004 crack.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\Quake3_trainer.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File opened for modification	C:\Windows\win32dc\Sims 2(trainer).exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
File created	C:\Windows\win32dc\FlatOut patch.exe	56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe

C:\Users\Admin\AppData\Local\Temp\56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe
"C:\Users\Admin\AppData\Local\Temp\56f178eb35fa17de9119808ade33295dd859b1ab320a0850d8cd17d3d497fcf2.exe"
1⤵
- Drops file in Windows directory
PID:4604

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads