Analysis
max time kernel: 44s
max time network: 52s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 07-11-2022 07:34
Behavioral task: behavioral1
Sample: ab7d4cf383aa4619a2f4c796c19337c6f7440269b9be1f4a5b2094d268e5d758.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: ab7d4cf383aa4619a2f4c796c19337c6f7440269b9be1f4a5b2094d268e5d758.exe
Resource: win10v2004-20220901-en
General
Target: ab7d4cf383aa4619a2f4c796c19337c6f7440269b9be1f4a5b2094d268e5d758.exe
Size: 93KB
MD5: 0cab04296ad1ac54b23a1f6ed0beea70
SHA1: 45e9053bd65eac59f63693bf37106fd6de81d94a
SHA256: ab7d4cf383aa4619a2f4c796c19337c6f7440269b9be1f4a5b2094d268e5d758
SHA512: b7539d0fd293d3ea57673da5a30ca7509ead2329f4fffa6552e57616f6f25cf88ce5355e9db81ab3cab64b7f88ec4a0bb0d9c92c79648d4c063f282e7dc6be8f
SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSIyvquDa3DnqHSlRrzQQbzHPOK:5JjcF8KfCOcjk+guPVjSIoIjlfBzmK
Malware Config
Signatures
resource: behavioral1/memory/1112-54-0x0000000000400000-0x0000000000467000-memory.dmp, yara_rule: upx
resource: behavioral1/memory/1112-55-0x0000000000400000-0x0000000000467000-memory.dmp, yara_rule: upx
Adds Run key to start application 2 TTPs 1 IoCs
description: Set value (str)
ioc: \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
Process: ab7d4cf383aa4619a2f4c796c19337c6f7440269b9be1f4a5b2094d268e5d758.exe
Drops file in System32 directory 33 IoCs