Overview

overview

9

Static

static

7

ha_IPInfoO...ne.exe

windows7-x64

9

ha_IPInfoO...ne.exe

windows10-2004-x64

9

ha_IPInfoO...��.url

windows7-x64

1

ha_IPInfoO...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    158s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 08:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ha_IPInfoOffline-v1.00/IPInfoOffline.exe

  • Size

    435KB

  • MD5

    41c3a6be8d3e4d7ad14518f7126d7cc8

  • SHA1

    fd293764144f45e18d62523434bf4bf257fc424e

  • SHA256

    1a22824e3ba16d7b8eda9faef2f981d3c877b7412da39835cbfbd2900d43d926

  • SHA512

    6c97c08aa8cf4161134f4699b100acc9bfc85f9e9ffae24c94569d609dda7c15ac1976a0095e97f88c9cb31299898af09806578292f3af45694fdcb93fb2dcd4

  • SSDEEP

    6144:PBpQIng6qYbWmnR3D0fwG39twpW6kikAPo7G6Kq1dvzEqUdQ37KNs:PHPg7tfJbUw7G697EqOQLKNs

Score
9/10

Malware Config

Signatures

  • Nirsoft 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ha_IPInfoOffline-v1.00\IPInfoOffline.exe
    "C:\Users\Admin\AppData\Local\Temp\ha_IPInfoOffline-v1.00\IPInfoOffline.exe"
    1⤵
      PID:1216

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1216-0-0x0000000000400000-0x0000000000650000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/1216-1-0x0000000000400000-0x0000000000650000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/1216-2-0x0000000000400000-0x0000000000650000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/1216-3-0x0000000000400000-0x0000000000650000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/1216-4-0x0000000000400000-0x0000000000650000-memory.dmp

      Filesize

      2.3MB

      Download