Analysis
max time kernel: 162s
max time network: 181s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23/11/2022, 21:24
Static task: static1

Behavioral task: behavioral1
Sample: ddfb79038a7ba087311e877a2189754365a507772feb68152c9f632942989c79.exe
Resource: win7-20220812-en
2 signatures, 150 seconds

Behavioral task: behavioral2
Sample: ddfb79038a7ba087311e877a2189754365a507772feb68152c9f632942989c79.exe
Resource: win10v2004-20220812-en
2 signatures, 150 seconds
General
Target: ddfb79038a7ba087311e877a2189754365a507772feb68152c9f632942989c79.exe
Size: 213KB
MD5: 2ffc06528d3ad4da270111c6e622d485
SHA1: eb8905d2d5ef1925f83128535fccba3d4c45024d
SHA256: ddfb79038a7ba087311e877a2189754365a507772feb68152c9f632942989c79
SHA512: 0c5fa57f2597b924dc23a0f2b4db07f05db507ef5e208acab0d0fd4a85687f7283ef9836f917fe25e153ba1b239c3639cc7a8631049716ab8241078f7c312cf9
SSDEEP: 768:tks+cAXJpB2TgpZnjJHk/OxJ+oFEZEM/4t:tjrAX5NjJHJ+oFE2M/4t
Score: 6/10
Malware Config
Signatures

Adds Run key to start application (2 TTPs, 1 IoC)
description: Set value (str)
ioc: \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\VMIntel386 = "C:\\Windows\\Intelx386\\VMIntel386.exe 256mb 32bit"
process: ddfb79038a7ba087311e877a2189754365a507772feb68152c9f632942989c79.exe

Drops file in Windows directory (64 IoCs)