b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a

Analysis

max time kernel
21s
max time network
35s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 00:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
Size

84KB
MD5

0e5bf90de2d96ae3aa300f073bca26b0
SHA1

837b1a9dca7861f0563e533ce5b25fecb2b32a0b
SHA256

b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a
SHA512

5577477b51bacb594e66da43269b2bf7627ed09605309f31dfcc063d80b1e034259c209600ea9e1a99b4483740a4137c9eb594c58b1ccecfd5b86f70fa9aa8a7
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzhagZXZEgd:lV2BZVPlFlnxClFvLLcA+sPDzhaghZT

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 20 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Half-Life 2 nocd.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Quake3_cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Doom 3(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\DAoC + fix.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\DAoC + patch.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Quake3_cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Half-Life 2(nocd).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\FlatOut trainer.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\FlatOut trainer.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\DAoC + patch.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 nocd.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4_serial.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_crack.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\DAoC(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2(nocd).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\DAoC + fix.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\xvl.com	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Silent Hill 4_serial.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Doom 3(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Counter-Strike_crack.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe

C:\Users\Admin\AppData\Local\Temp\b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
"C:\Users\Admin\AppData\Local\Temp\b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe"
1⤵
- Drops file in Windows directory
PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2036-54-0x0000000075631000-0x0000000075633000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads