1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0

Analysis

max time kernel
114s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
02-12-2023 01:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0.exe
Size

131.3MB
MD5

e2660cb6a6bd50aa797e4207c6a180c9
SHA1

ae9dd51791ec21218386f809f45342faaa723eee
SHA256

1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0
SHA512

0cfec841f83be0f8d0be6c8731767d4640080b6d8aa303477b3210836e245b0053ae00f412357bbd8f1941ce999375f4b41df880cece05e6d7f4d9a5f21cd2ea
SSDEEP

786432:ny/QyHIQunIAHj37Enk9s9x0G/EgnTp/lo7oZ4AzGpHjUoFmnTtLwSTRpf4P1wTo:y/hSq0cTp9ioZ4AzGNFK5vy9

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

C:\Users\Admin\AppData\Local\Temp\1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0.exe
"C:\Users\Admin\AppData\Local\Temp\1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0.exe"
1⤵
PID:4620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4620-0-0x0000000006FA0000-0x0000000007928000-memory.dmp

Filesize
9.5MB

Download
memory/4620-3-0x0000000006FA0000-0x0000000007928000-memory.dmp

Filesize
9.5MB

Download
memory/4620-5-0x0000000000370000-0x0000000000BD5000-memory.dmp

Filesize
8.4MB

Download
memory/4620-4-0x0000000008520000-0x0000000009109000-memory.dmp

Filesize
11.9MB

Download
memory/4620-8-0x0000000008520000-0x0000000009109000-memory.dmp

Filesize
11.9MB

Download
memory/4620-9-0x00000000068A0000-0x00000000068B1000-memory.dmp

Filesize
68KB

Download
memory/4620-13-0x0000000006AB0000-0x0000000006B64000-memory.dmp

Filesize
720KB

Download
memory/4620-12-0x00000000068A0000-0x00000000068B1000-memory.dmp

Filesize
68KB

Download
memory/4620-16-0x0000000006AB0000-0x0000000006B64000-memory.dmp

Filesize
720KB

Download
memory/4620-17-0x00000000068D0000-0x00000000068DC000-memory.dmp

Filesize
48KB

Download
memory/4620-20-0x00000000068D0000-0x00000000068DC000-memory.dmp

Filesize
48KB

Download
memory/4620-21-0x0000000006910000-0x000000000692F000-memory.dmp

Filesize
124KB

Download
memory/4620-24-0x0000000006910000-0x000000000692F000-memory.dmp

Filesize
124KB

Download
memory/4620-25-0x0000000006930000-0x0000000006945000-memory.dmp

Filesize
84KB

Download
memory/4620-28-0x0000000006930000-0x0000000006945000-memory.dmp

Filesize
84KB

Download
memory/4620-29-0x0000000006990000-0x00000000069C6000-memory.dmp

Filesize
216KB

Download
memory/4620-32-0x0000000006990000-0x00000000069C6000-memory.dmp

Filesize
216KB

Download
memory/4620-33-0x0000000006B90000-0x0000000006BA2000-memory.dmp

Filesize
72KB

Download
memory/4620-36-0x0000000006B90000-0x0000000006BA2000-memory.dmp

Filesize
72KB

Download
memory/4620-40-0x0000000006BE0000-0x0000000006BFD000-memory.dmp

Filesize
116KB

Download
memory/4620-43-0x0000000006BE0000-0x0000000006BFD000-memory.dmp

Filesize
116KB

Download
memory/4620-44-0x0000000006F60000-0x0000000006F9A000-memory.dmp

Filesize
232KB

Download
memory/4620-47-0x0000000006F60000-0x0000000006F9A000-memory.dmp

Filesize
232KB

Download
memory/4620-48-0x0000000007A30000-0x0000000007B19000-memory.dmp

Filesize
932KB

Download
memory/4620-51-0x0000000007A30000-0x0000000007B19000-memory.dmp

Filesize
932KB

Download
memory/4620-52-0x0000000007C70000-0x0000000007DBA000-memory.dmp

Filesize
1.3MB

Download
memory/4620-55-0x0000000007C70000-0x0000000007DBA000-memory.dmp

Filesize
1.3MB

Download
memory/4620-56-0x0000000007F60000-0x00000000080ED000-memory.dmp

Filesize
1.6MB

Download
memory/4620-59-0x0000000007F60000-0x00000000080ED000-memory.dmp

Filesize
1.6MB

Download
memory/4620-60-0x0000000007970000-0x0000000007976000-memory.dmp

Filesize
24KB

Download
memory/4620-63-0x0000000007970000-0x0000000007976000-memory.dmp

Filesize
24KB

Download
memory/4620-64-0x00000000079C0000-0x00000000079C9000-memory.dmp

Filesize
36KB

Download
memory/4620-67-0x00000000079C0000-0x00000000079C9000-memory.dmp

Filesize
36KB

Download
memory/4620-140-0x0000000000370000-0x0000000000BD5000-memory.dmp

Filesize
8.4MB

Download