22e55f29e3af41b1cbd799b12142be9cb7398804068966069d0d20c0801c1f19

Analysis

max time kernel
95s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 15:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2966c177ca913736137353551d3dd2e4.exe
Size

78KB
MD5

2966c177ca913736137353551d3dd2e4
SHA1

5141f2fc3632ee17220a5e44e2abcfcf0262065d
SHA256

22e55f29e3af41b1cbd799b12142be9cb7398804068966069d0d20c0801c1f19
SHA512

c39d3bd02772132269af08eba67e38bf3c0c2c02510d6a6a04eceda17753251b89acd96a71255bd2bf96b358ce91b408e61dde5d8a2cb78d021e32671ebb9bca
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzKQoEStDc:lV2BZVPlFlnxClFvLLcA+sPDzKnDc

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Half-Life 2_nocd.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\FlatOut(codes).exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Sims 2 + cheat.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Doom 3_cheat.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Sims 2 cdfix.exe	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\win32dc\Sims 2 cdfix.exe	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\gfCFNQu.com	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\win32dc\FlatOut(codes).exe	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\win32dc\Quake3 + codes.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\FlatOut + trainer.exe	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\win32dc\Sims 2_patch.exe	2966c177ca913736137353551d3dd2e4.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 patch.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Half-Life 2_nocd.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Quake3 + codes.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Half-Life 2 patch.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Sims 2_patch.exe	2966c177ca913736137353551d3dd2e4.exe
File created	C:\Windows\win32dc\Doom 3_trainer.exe	2966c177ca913736137353551d3dd2e4.exe

C:\Users\Admin\AppData\Local\Temp\2966c177ca913736137353551d3dd2e4.exe
"C:\Users\Admin\AppData\Local\Temp\2966c177ca913736137353551d3dd2e4.exe"
1⤵
- Drops file in Windows directory
PID:4296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Sims 2 cdfix.exe

Filesize
43KB

MD5
8fd3f3eebe04c3fb977d1dd8956d28a4

SHA1
f945732733860c41d1f6c5cb788c66a6ffba075b

SHA256
c2ab01f60e417c4637056e3b0ae7f763f1793c3449a58d4755de5bf3e54a225e

SHA512
3a0c445141a060e70ae94c140a026c1119d249796a97ce7ad2166a83fb0054b8e85d6ff43ae9e8cdfb9bbcdf4537b5645318bbf7cc9bcfeca5a7ed856b0ad9a2

Download Submit
memory/4296-16-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads