Overview

overview

7

Static

static

d0b8c50053...ae.exe

windows7-x64

7

d0b8c50053...ae.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    174s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2022 10:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0b8c50053eb2bdfea8a96504788f2d45e50b3a55b120ed9197437c8e695dbae.exe

  • Size

    213KB

  • MD5

    04892490295d42d2a0f7af0349f27280

  • SHA1

    b6920152b0e5668e88f312bea0ba141cf50e11af

  • SHA256

    d0b8c50053eb2bdfea8a96504788f2d45e50b3a55b120ed9197437c8e695dbae

  • SHA512

    82845e1d22bf8771e67474251196a75d7ebe3add99a4229b683fe1b32a7f1c691eb92849a587261d9c37a3d9b32dcbaa3f4f93205ae933a3253cd067854e9a11

  • SSDEEP

    3072:tfKPw/6Nb8lktYpDzo83H6JrgboTlyMvXOqms0itTBf28V31:JKP9NCkt8zErgsTlXvXBmJitTBe8V31

Score
7/10

Malware Config

Signatures

  • Unexpected DNS network traffic destination 1 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Suspicious behavior: EnumeratesProcesses 48 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d0b8c50053eb2bdfea8a96504788f2d45e50b3a55b120ed9197437c8e695dbae.exe
    "C:\Users\Admin\AppData\Local\Temp\d0b8c50053eb2bdfea8a96504788f2d45e50b3a55b120ed9197437c8e695dbae.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:5104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads