Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20230824-en -
resource tags
-
submitted
26-08-2023 09:29
General
-
Target
b53a7c9fafdb11766a7365ce5e6e50dc469708c9ac06b6387a2129b44c2e8af2.exe
-
Size
876KB
-
MD5
4af08140f7fd1f0a387734a9e58785d8
-
SHA1
b0a492dc9b47772adc2f4789c201412860e884d9
-
SHA256
b53a7c9fafdb11766a7365ce5e6e50dc469708c9ac06b6387a2129b44c2e8af2
-
SHA512
356b75d24871ca2051ccb0137853758fb0375422f3ed03d1fccd0e3be409c7ac266cfb07ae5d09350a207dd8a52c7dcff0af1f394d2e3ebdf4502f62de3372e3
-
SSDEEP
12288:jPMOslJWBNK13JWBYJJd5fpxDJWBYJJsxVJWBR:jPMHJUNkJUYJJhxDJUYJJsxVJUR
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b53a7c9fafdb11766a7365ce5e6e50dc469708c9ac06b6387a2129b44c2e8af2.exe"C:\Users\Admin\AppData\Local\Temp\b53a7c9fafdb11766a7365ce5e6e50dc469708c9ac06b6387a2129b44c2e8af2.exe"1⤵
- Suspicious behavior: EnumeratesProcesses