b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a

Analysis

max time kernel
184s
max time network
189s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
01/12/2022, 00:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
Size

84KB
MD5

0e5bf90de2d96ae3aa300f073bca26b0
SHA1

837b1a9dca7861f0563e533ce5b25fecb2b32a0b
SHA256

b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a
SHA512

5577477b51bacb594e66da43269b2bf7627ed09605309f31dfcc063d80b1e034259c209600ea9e1a99b4483740a4137c9eb594c58b1ccecfd5b86f70fa9aa8a7
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzhagZXZEgd:lV2BZVPlFlnxClFvLLcA+sPDzhaghZT

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Sims 2(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Doom 3 + codes.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Doom 3 cdfix.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Sims 2_cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Quake3 cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\UT2004 + nocd.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Doom 3 cdfix.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Doom 3(serial).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Quake3 cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Silent Hill 4 + trainer.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Doom 3(serial).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Doom 3(patch).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Doom 3(patch).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\UT2004(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Sims 2(codes).exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 + trainer.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
File created	C:\Windows\win32dc\Sims 2_cheat.exe	b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe

C:\Users\Admin\AppData\Local\Temp\b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe
"C:\Users\Admin\AppData\Local\Temp\b88e4fa68e16d7fff8a1d030b96c349c489bec43a8766877f73c51d2361cf78a.exe"
1⤵
- Drops file in Windows directory
PID:1324

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads