Analysis
-
max time kernel
145s -
max time network
115s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system -
submitted
24/01/2024, 11:16
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
72172c76c1a80b6fca052bd6c56361df.exe
Resource
win7-20231215-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
72172c76c1a80b6fca052bd6c56361df.exe
Resource
win10v2004-20231222-en
2 signatures
150 seconds
General
-
Target
72172c76c1a80b6fca052bd6c56361df.exe
-
Size
216KB
-
MD5
72172c76c1a80b6fca052bd6c56361df
-
SHA1
857813776e2634b26c1cc63a7da1e101bdd477fc
-
SHA256
c2a3b229a9b68a90193be64505e7bca2e1adbedcc3fd54481656d48811bcea45
-
SHA512
ed3fb6611d2a8ce0d9652ee12516d3ec0f9f3eae3e5052c7f2d3f9aae7184f177f3a47375219c17e73fa497cbcca2288b12245c216d9b66f4693bdedec48b851
-
SSDEEP
6144:U4hssJqgHevixJfX4m4TW/yugjWGtTB0GX:U4hssJqgHWgp4T+ywGtTF
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description ioc Destination IP 104.155.138.21 -
Suspicious behavior: EnumeratesProcesses 50 IoCs
pid Process 4904 72172c76c1a80b6fca052bd6c56361df.exe