311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434

Analysis

max time kernel
167s
max time network
172s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07/11/2022, 13:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
Size

532KB
MD5

08c9228b7ff01399c5a2c73ba1517cc0
SHA1

2c5b8811284567b67cdc3ec7b46a491ac9a97b0f
SHA256

311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434
SHA512

793403753ca0842512454f11470f692eef1058e9c959a3a321339c13852b83bb568961cbef805459d441e7296f6ad24db32471f5c4d4c755299278b9a0c13911
SSDEEP

6144:dTJFBDQuZhSl+kfbjUl9oGvSWlL24atTBJSr:dTJ4uulDTjACeSP4atTe

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 1 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	35.205.61.67

Suspicious behavior: EnumeratesProcesses 48 IoCs

pid	Process
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
4184	311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe

C:\Users\Admin\AppData\Local\Temp\311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe
"C:\Users\Admin\AppData\Local\Temp\311b04f91a5795ec002df9f43cf96fa2ec77ec29f0e3ed539a20b35f994fe434.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4184

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads