644e43a134c7ba21c88d7dc76f6a7df1326f3a3c40a78f96505698a1fbe6e2ed

Analysis

max time kernel
142s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
31/10/2023, 02:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

DefNotRat.exe
Size

105KB
MD5

c12591a2150583bd138d9583646353eb
SHA1

706dd4217b4df89348c66313f1ddb3cbea0a6349
SHA256

644e43a134c7ba21c88d7dc76f6a7df1326f3a3c40a78f96505698a1fbe6e2ed
SHA512

3bf88c8fb4e8ade8d56c06c37af878e0868bce68dd5a198e866f49fc59ec7513e3341085bb5c98f807509bbc87e9b625510bbb919fc7a2fde05ec4ae4bbe68ab
SSDEEP

48:6K+xdZI/mPAdr/8Oc9o+ijNMXANjbFuzkCtnhLldEqkUEeFLDpfbNtm:HEAaQjA1t1zNt

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\vlone ratted you 48.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 170.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 147.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 22.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 25.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 79.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 103.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 150.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 192.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 2.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 52.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 70.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 129.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 171.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 42.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 66.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 45.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 200.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 5.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 30.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 91.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 18.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 161.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 182.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 152.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 162.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 195.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 33.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 40.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 83.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 169.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 6.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 85.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 100.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 47.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 76.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 163.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 13.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 39.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 133.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 155.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 189.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 1.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 72.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 95.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 98.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 164.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 43.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 62.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 175.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 191.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 10.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 68.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 111.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 121.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 168.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 36.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 67.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 132.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 55.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 149.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 14.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 146.txt	DefNotRat.exe
File created	C:\Program Files (x86)\vlone ratted you 107.txt	DefNotRat.exe

C:\Users\Admin\AppData\Local\Temp\DefNotRat.exe
"C:\Users\Admin\AppData\Local\Temp\DefNotRat.exe"
1⤵
- Drops file in Program Files directory
PID:2964

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\vlone ratted you 5.txt

Filesize
50KB

MD5
5e64f187163ce360dc8c07b13cee916a

SHA1
725f1a36f9f269f81bf47efa26a4e36c5e171aa0

SHA256
857c395047a11ac0419a1bc3d16b4d0fc8f7938a8625d680878ca798e1032bc1

SHA512
16195317e06c32221c7e8b38ec96163c1117a2298c79e62bd2cef5bbaf3cf45bac21d27fd9eb7ffe583baa04b2e49ddbe638951edc3e532726ca448f403f5382

Download Submit
memory/2964-0-0x0000000000500000-0x0000000000520000-memory.dmp

Filesize
128KB

Download
memory/2964-1-0x0000000074CF0000-0x00000000754A0000-memory.dmp

Filesize
7.7MB

Download
memory/2964-203-0x0000000074CF0000-0x00000000754A0000-memory.dmp

Filesize
7.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads