Analysis Overview
SHA256
bbaf5140518acfc1cd69cc595184869b0f6adda59134f83566393bc3435fb9d3
Threat Level: Known bad
The file file.exe was found to be: Known bad.
Malicious Activity Summary
SystemBC
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-02-07 15:59
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-02-07 15:59
Reported
2023-02-07 16:01
Platform
win7-20220901-en
Max time kernel
100s
Max time network
107s
Command Line
Signatures
SystemBC
Processes
C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| DE | 144.76.223.74:443 | | tcp |
| CA | 41.77.117.114:465 | | tcp |
Files
memory/1516-55-0x0000000000220000-0x0000000000223000-memory.dmp
memory/1516-54-0x00000000006BB000-0x00000000006CE000-memory.dmp
memory/1516-56-0x0000000000400000-0x000000000055F000-memory.dmp
memory/1516-57-0x00000000006BB000-0x00000000006CE000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2023-02-07 15:59
Reported
2023-02-07 16:01
Platform
win10v2004-20220812-en
Max time kernel
113s
Max time network
153s
Command Line
Signatures
SystemBC
Processes
C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 93.184.220.29:80 | | tcp |
| US | 93.184.220.29:80 | | tcp |
| US | 93.184.220.29:80 | | tcp |
| US | 209.197.3.8:80 | | tcp |
| US | 209.197.3.8:80 | | tcp |
| DE | 144.76.223.74:443 | | tcp |
| IE | 13.69.239.73:443 | | tcp |
| US | 209.197.3.8:80 | | tcp |
| US | 209.197.3.8:80 | | tcp |
| US | 209.59.190.53:465 | | tcp |
| ZA | 164.160.91.18:465 | | tcp |
Files
memory/4084-132-0x0000000000879000-0x000000000088C000-memory.dmp
memory/4084-133-0x00000000007F0000-0x00000000007F3000-memory.dmp
memory/4084-134-0x0000000000400000-0x000000000055F000-memory.dmp
memory/4084-135-0x0000000000879000-0x000000000088C000-memory.dmp