d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95

Analysis

max time kernel
45s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 09:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
Size

82KB
MD5

0c9557fddbd6c4d2386d078340fc5538
SHA1

aa61882667fda4ec581f9598365e5cd8cc431930
SHA256

d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95
SHA512

db319bdbdfa73ce1b95d528f7cf69d1fd057479dcccc11ab0838fd4814d25a32a253f8b2c92b464e3e0645f5f38db8f5ac2c705f8b8533eff208d556ab5dca30
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzrTn/X8WKhU5T:lV2BZVPlFlnxClFvLLcA+sPDzPnfn5T

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\hv.com	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe

Drops file in Windows directory 18 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Counter-Strike_patch.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\FlatOut(patch).exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\FlatOut(patch).exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\FlatOut_serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\FlatOut fix.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\Quake3_serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\DAoC trainer.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\Counter-Strike_patch.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\FlatOut_serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\FlatOut fix.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\Silent Hill 4 hack.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\FlatOut serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 hack.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\Quake3_serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\FlatOut serial.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\BattleField 1942_nocd.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File created	C:\Windows\win32dc\DAoC fix.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
File opened for modification	C:\Windows\win32dc\DAoC fix.exe	d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe

C:\Users\Admin\AppData\Local\Temp\d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe
"C:\Users\Admin\AppData\Local\Temp\d84404eb96fdab2777e6cdca8700e6aff96aa8ea6c139d6379b419ad0a5a7b95.exe"
1⤵
- Drops file in System32 directory
- Drops file in Windows directory
PID:1468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1468-54-0x0000000076BA1000-0x0000000076BA3000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads