d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac

Analysis

max time kernel
46s
max time network
51s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
06-11-2022 14:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
Size

78KB
MD5

06fcdb9e33c4c276a5c592823feadf21
SHA1

10d94f6bf3d0ca0a0723be87abd44061a09002dc
SHA256

d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac
SHA512

dd052e6149d015909168cf99cde80b7cb7ddd2b3297135b6971ab1e9bd82c788badef5248c66c4c67e89a8115c620f9cae1f4ec3c6e602f245c32bcd9379e619
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDz0GYGcsm:lV2BZVPlFlnxClFvLLcA+sPDztYGcZ

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 20 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Counter-Strike nocd.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike patch.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Counter-Strike trainer.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike trainer.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Quake3_fix.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\FlatOut_serial.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Counter-Strike_patch.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_patch.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Doom 3 crack.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Sims 2 + nocd.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Half-Life 2_serial.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Sims 2 + nocd.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2_serial.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Doom 3_crack.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\Quake3_fix.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File opened for modification	C:\Windows\win32dc\FlatOut_serial.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Doom 3 crack.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Counter-Strike nocd.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Counter-Strike patch.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
File created	C:\Windows\win32dc\Doom 3_crack.exe	d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe

C:\Users\Admin\AppData\Local\Temp\d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe
"C:\Users\Admin\AppData\Local\Temp\d0132b3e7e94bfcbe3d4be412e482630e60cb94e204a6c650b3388b183a753ac.exe"
1⤵
- Drops file in Windows directory
PID:1444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1444-54-0x0000000075D71000-0x0000000075D73000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads