Analysis
-
max time kernel
31s -
max time network
36s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
04-06-2023 21:52
General
-
Target
Qc Key Generator.exe
-
Size
90KB
-
MD5
7fd1256901a67a1d7891646542747dfd
-
SHA1
cf37b5807ec8a5eb378541baf0374ae872bdb40f
-
SHA256
68fab219a12dfa8406007d78218a7dfc61d1141295a15046526bbbb498fa3b87
-
SHA512
6bda14e5e326f718494f708914b1d86871483fbc0785564dbeee78335a9ac8b8869bfeef168a39def71b27c3729cefd899ae91cb43e44da8abe2098178708d97
-
SSDEEP
1536:H7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfpw2QOO:b7DhdC6kzWypvaQ0FxyNTBfpA
Score
1/10
Malware Config
Signatures
-
Runs ping.exe 1 TTPs 3 IoCs
-
Suspicious use of WriteProcessMemory 13 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Qc Key Generator.exe"C:\Users\Admin\AppData\Local\Temp\Qc Key Generator.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\FE7C.tmp\FE7D.tmp\FE7E.bat "C:\Users\Admin\AppData\Local\Temp\Qc Key Generator.exe""2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\PING.EXEPING -n 2 127.0.0.13⤵
- Runs ping.exe
-
-
C:\Windows\system32\PING.EXEPING -n 3 127.0.0.13⤵
- Runs ping.exe
-
-
C:\Windows\system32\PING.EXEPING -n 2 127.0.0.13⤵
- Runs ping.exe
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD539c9b2e01673bba35f0fa6d47f3228d1
SHA1aa83edab9485b01f0d42ab9fa4a80b96a993f2e6
SHA25632354a52edb868e72c7e5b42044fcaacf68c91491216b6ed9bfa851e2e7ff168
SHA5124c1b286f289b6addfa0f32b882a99a1f9f7a72d4bb705c52c2e2196c6a688e898bb8d9eda69b7f37a172c15eb1f6e06ed1f341e9e4898f28b8e470b2f3676773