ec33d8ee9c3881b8fcea18f9f862d5926d994553aec1b65081d925afd3e8b028

Resubmissions

31-12-2023 09:11

231231-k5vvksadc3 6

29-12-2023 08:53

231229-ktts5sgbh8 10

Analysis

max time kernel
1s
max time network
93s
platform
windows10-2004_x64
resource
win10v2004-20231215-ja
resource tags

arch:x64arch:x86image:win10v2004-20231215-jalocale:ja-jpos:windows10-2004-x64systemwindows
submitted
31-12-2023 09:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AnyDesk.exe
Size

5.3MB
MD5

75eecc3a8b215c465f541643e9c4f484
SHA1

3ad1f800b63640128bfdcc8dbee909554465ee11
SHA256

ec33d8ee9c3881b8fcea18f9f862d5926d994553aec1b65081d925afd3e8b028
SHA512

b3a48230fc6f20038c938e5295b68a3f020b94e220ca2fab6a894d126dc41f6f1021c239613bf9d6de84370ad7df9d9a91baf716a87d43eb101ee3e48578e5ff
SSDEEP

98304:j5ObAu2pmits24nYhQCWQdaQQo/mJPv4KYZPKBhYI5RuN4OL2wIjcsJWNg3:IAnRu24nR5QcTvYdmPuWOL2TcQWe3

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
1⤵
PID:4760
- C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-control
  2⤵
  PID:1768
- C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-service
  2⤵
  PID:4380
- - C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
    "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --backend
    3⤵
    PID:4392

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x408 0x3fc
1⤵
PID:1184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1768-30-0x00000000026F0000-0x00000000026F1000-memory.dmp

Filesize
4KB

Download
memory/1768-379-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/1768-12-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/1768-330-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/1768-213-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-378-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-11-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-14-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-329-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-212-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4380-77-0x0000000003EB0000-0x0000000003EB1000-memory.dmp

Filesize
4KB

Download
memory/4392-261-0x0000000005ED0000-0x0000000005ED1000-memory.dmp

Filesize
4KB

Download
memory/4392-268-0x0000000005F60000-0x0000000005F61000-memory.dmp

Filesize
4KB

Download
memory/4392-377-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4392-343-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4392-332-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4392-242-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4392-241-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4392-249-0x0000000002280000-0x0000000002281000-memory.dmp

Filesize
4KB

Download
memory/4392-258-0x0000000005E90000-0x0000000005E91000-memory.dmp

Filesize
4KB

Download
memory/4392-264-0x0000000005F20000-0x0000000005F21000-memory.dmp

Filesize
4KB

Download
memory/4392-271-0x0000000005F90000-0x0000000005F91000-memory.dmp

Filesize
4KB

Download
memory/4392-275-0x0000000005FE0000-0x0000000005FE1000-memory.dmp

Filesize
4KB

Download
memory/4392-277-0x0000000005FA0000-0x0000000005FA1000-memory.dmp

Filesize
4KB

Download
memory/4392-276-0x0000000005EF0000-0x0000000005EF1000-memory.dmp

Filesize
4KB

Download
memory/4392-274-0x0000000005FD0000-0x0000000005FD1000-memory.dmp

Filesize
4KB

Download
memory/4392-273-0x0000000005FC0000-0x0000000005FC1000-memory.dmp

Filesize
4KB

Download
memory/4392-272-0x0000000005FB0000-0x0000000005FB1000-memory.dmp

Filesize
4KB

Download
memory/4392-270-0x0000000005F80000-0x0000000005F81000-memory.dmp

Filesize
4KB

Download
memory/4392-269-0x0000000005F70000-0x0000000005F71000-memory.dmp

Filesize
4KB

Download
memory/4392-254-0x0000000005CB0000-0x0000000005CB1000-memory.dmp

Filesize
4KB

Download
memory/4392-267-0x0000000005F50000-0x0000000005F51000-memory.dmp

Filesize
4KB

Download
memory/4392-266-0x0000000005F40000-0x0000000005F41000-memory.dmp

Filesize
4KB

Download
memory/4392-265-0x0000000005F30000-0x0000000005F31000-memory.dmp

Filesize
4KB

Download
memory/4392-263-0x0000000005F10000-0x0000000005F11000-memory.dmp

Filesize
4KB

Download
memory/4392-262-0x0000000005F00000-0x0000000005F01000-memory.dmp

Filesize
4KB

Download
memory/4392-255-0x0000000005CD0000-0x0000000005CD1000-memory.dmp

Filesize
4KB

Download
memory/4392-260-0x0000000005EC0000-0x0000000005EC1000-memory.dmp

Filesize
4KB

Download
memory/4392-259-0x0000000005EB0000-0x0000000005EB1000-memory.dmp

Filesize
4KB

Download
memory/4392-257-0x0000000005E80000-0x0000000005E81000-memory.dmp

Filesize
4KB

Download
memory/4392-256-0x0000000005CF0000-0x0000000005CF1000-memory.dmp

Filesize
4KB

Download
memory/4760-0-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4760-200-0x0000000007BF0000-0x0000000007BF1000-memory.dmp

Filesize
4KB

Download
memory/4760-76-0x0000000006340000-0x0000000006341000-memory.dmp

Filesize
4KB

Download
memory/4760-66-0x0000000006330000-0x0000000006331000-memory.dmp

Filesize
4KB

Download
memory/4760-331-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4760-79-0x0000000008930000-0x0000000008931000-memory.dmp

Filesize
4KB

Download
memory/4760-80-0x0000000007BE0000-0x0000000007BE1000-memory.dmp

Filesize
4KB

Download
memory/4760-211-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download
memory/4760-4-0x00000000041A0000-0x00000000041A1000-memory.dmp

Filesize
4KB

Download
memory/4760-1-0x0000000000970000-0x0000000002140000-memory.dmp

Filesize
23.8MB

Download