Analysis

  • max time network
    118s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    31-12-2023 03:33

General

  • Target

    PhotoDream_ha/iis.exe

  • Size

    632KB

  • MD5

    f4762a97b2bd3e230a5d8b983c782062

  • SHA1

    1e9e5f407b1d9fbd32c6f041361a5fe614596ffe

  • SHA256

    6a11179466216788d6b290d9eed9ab158b1e27259f8885ec073cd325c5271467

  • SHA512

    e07d3097b7db58d9caad1962e0382729e66cb8cae23ea86993229968b67419b6de5f4041e0afc93f8962bb702d15e207c17262b1986b6473165c335f57dc7730

  • SSDEEP

    12288:NEGCZ7+MPnGWKilkJXaicUxflPqMD8ZfCTIbHxc:3jMfRIAXQPqMofC+

Score
7/10

Malware Config

Signatures

  • Unexpected DNS network traffic destination (2 IoCs)

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

Network

MITRE ATT&CK Matrix

Downloads