04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0

Analysis

max time kernel
30s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
17-12-2022 19:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
Size

5.4MB
MD5

415d836623023306e2fe080772ff7058
SHA1

998d172893e7335469212e0657f83ead1ed557db
SHA256

04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0
SHA512

5bd50f8ad05dde34c4c1a5fbe5caad4fe2c4951fdc2923d605910eb59f0dc0a1249d101ec75cc535f7131ac93896fe28124485edd2389d2484c9af960861a094
SSDEEP

98304:lYRYkPqYkPJYkPRBzK6VH9bTN/T94YsGEdUepTy07y0+6B2NvtU4fa4cWPPtZRng:6YkPqYkPJYkPRBW+XW3dUepTy07y0+fc

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A1-VehicleResource\11087465-188.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11494357.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11499604.01	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11486728.01	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A2-VehicleTopology	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11156993_BCM_reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Programming	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\11512294.02	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11087914_IAM_Reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Config\11517669_01.95	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Programming\10394857.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11157123_ICC_reprog_appendMPU.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IMCU\setup	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A2-VehicleTopology\11435752_03.A2	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\SPD\Programming	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Programming\11087899_reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\11512296.09	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICM\Config\11485244.95	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\11512295.03	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ServerData.xml	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A1-VehicleResource	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\SPD\Programming\11087907_MPD_RENEW.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\SPD\Programming\11494174_SPD_REPROGRAM _update.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11507630-246.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Programming\11087899_reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A1-VehicleResource\11507630-246.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\11087899_reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\Programming	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\SIPS.exe.config	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11507569-236.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Config\11517669_01.95	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11461298.95	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11461298.95	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICM	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\MPD\Programming\11507630-246.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11156993_BCM_reprog.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\10394857.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IMCU\setup\10964134.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11435752_04.A2	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11518290_01.01	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Programming\30303030.06	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11499604.01	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Config	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\A1-VehicleResource\11087465-188.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\MPD\Programming\11507630-246.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\SPD\Programming\11087907_MPD_RENEW.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\SPD	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IMCU\Programming\11087413.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11518298_01.00	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\ICC\Programming\11157123_ICC_reprog_appendMPU.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IMCU\Programming\10964131.A4	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11518290_02.01	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11518298_01.00	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\11512297.04	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\RENEW\11435752_04.A2	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\BCM\Programming\11225736_01.00	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\EPS\Renew\10394857.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\Programming\11494357.A3	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File opened for modification	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IAM\Programming\11507569-236.A1	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
File created	C:\Program Files\SAIC\SIPS\AfsOfflineTestFolder\ES33\IMCU\Programming\11506580.02	04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe

C:\Users\Admin\AppData\Local\Temp\04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe
"C:\Users\Admin\AppData\Local\Temp\04064b496037b27bc565847ae28d1c12cec75142fd4e31e64c38077a4418c5e0.exe"
1⤵
- Drops file in Program Files directory
PID:1072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1072-54-0x0000000075531000-0x0000000075533000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads