363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68

Analysis

max time kernel
206s
max time network
196s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
01-12-2022 00:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
Size

111KB
MD5

050462782b8d0239d661dd45ff87f070
SHA1

d75609f2d61ac43dafb52a0b1ea4f479adddf866
SHA256

363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68
SHA512

544ed9cab37d85339ceeb62646b0273b42d7927f7e38d1333f49dc709ae72d77c5516a14dc41d7696706d45cf182229457756d8b5df870fbcb7b1ffc68295a74
SSDEEP

3072:lV2BZVPlFlnxClFvLLcA+sPDzq1x5xp4xr22mmzMMs:bQrNFxwjF+UqZir5wl

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Counter-Strike + nocd.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\Quake3(hack).exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\Doom 3 codes.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\DAoC_cheat.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\UT2004 hack.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\FlatOut + fix.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\UT2004_serial.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Half-Life 2 + serial.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Doom 3 codes.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 + hack.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Quake3(hack).exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 + serial.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4(nocd).exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Counter-Strike + nocd.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\FlatOut + fix.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Half-Life 2 + hack.exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
File created	C:\Windows\win32dc\Silent Hill 4(nocd).exe	363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe

C:\Users\Admin\AppData\Local\Temp\363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe
"C:\Users\Admin\AppData\Local\Temp\363a130dd4d7e53d54957dd46b76799e362a1aa54ebd27a74e3d345ac4625f68.exe"
1⤵
- Drops file in Windows directory
PID:4388

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads