Analysis

  • max time network
    300s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-12-2022 15:18

Errors

Reason
Reading agent response: read tcp 10.127.0.1:35404->10.127.0.15:8000: read: connection timed out

General

  • Target

    AnyDesk_x64x32/AnyDesk_x64x32.exe

  • Size

    745.2MB

  • MD5

    5956d3d9c0cdd930cf7754cfc194feaf

  • SHA1

    0ab481033c4d03850c8426a636d9c6d542d3546a

  • SHA256

    9349e45e03aa3efff2c32e8987dd905ec618f80083e43c9e06f997fe52dfd7c7

  • SHA512

    31b2157bb4bdf43948fa700a2720a97f95df4d158a69df14eab334dfc9594dc3f6c29bdccef65dbe7358bcfed129c51c43c3a6b614bfc9d187e18b0475822d8f

  • SSDEEP

    98304:JQrLZQrLAmaY70kUpqnT/0FH1Bj81K0sFCHnkcCemOU+ltwiSqfqdNZvJbhr4H:JULZULAQ7ZTr0FH1BAoFOZPfq/S

Score
7/10

Malware Config

Signatures

  • Unexpected DNS network traffic destination 2 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads