Overview

overview

1

Static

static

1

AnyDesk.exe

windows11-21h2-x64

1

Resubmissions

06/02/2024, 17:36

240206-v6qx5acbc3 3

06/02/2024, 17:32

240206-v4lkmacaf3 1

Analysis

  • max time kernel
    0s
  • max time network
    16s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231222-en
  • resource tags

    arch:x64arch:x86image:win11-20231222-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/02/2024, 17:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AnyDesk.exe

  • Size

    5.0MB

  • MD5

    a21768190f3b9feae33aaef660cb7a83

  • SHA1

    24780657328783ef50ae0964b23288e68841a421

  • SHA256

    55e4ce3fe726043070ecd7de5a74b2459ea8bed19ef2a36ce7884b2ab0863047

  • SHA512

    ca6da822072cb0d3797221e578780b19c8953e4207729a002a64a00ced134059c0ed21b02572c43924e4ba3930c0e88cd2cdb309259e3d0dcfb0c282f1832d62

  • SSDEEP

    98304:NzTZ3cINQscs0m++LNkT6OpwDGUUH57yvZ/49Mr8EO3QhA9Kq:Nzt3cINQscNmvLCwDkHEvZ/4R79x

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
    "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
    1⤵
      PID:1556
      • C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
        "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-control
        2⤵
          PID:2112
        • C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
          "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-service
          2⤵
            PID:2452

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\gcapi.dll
          Filesize

          385KB

          MD5

          1ce7d5a1566c8c449d0f6772a8c27900

          SHA1

          60854185f6338e1bfc7497fd41aa44c5c00d8f85

          SHA256

          73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf

          SHA512

          7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
          Filesize

          5KB

          MD5

          16630d957604538ed318f5ff826831aa

          SHA1

          f242edb38c8b653aeecbe76b61ce70f4de4cb570

          SHA256

          4bd10f1e56498053414d9a5073e1c9c2bc906a1e7ddcba612ac026c4faa2485e

          SHA512

          32c21cf2dc6b8295b63aade2b921930f0e76a4a6ee72546788dcf81b2f5bcd63805142f266b94f0a18f62c008b30e502dce254222c94e3b922dd1115853efaf2

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
          Filesize

          9KB

          MD5

          ccedab7fc2a3645998f68e0c690cde7a

          SHA1

          7f26c5c60d1cfa1127d3f1ab96a7fc736cf22b12

          SHA256

          c756aa641ecb597a87a4b9878dd49c0c6e737719d04b2bf93a298d74222b8ea2

          SHA512

          20561a92e6f5e5a3de57ec5b1c95e7f4578841ead5feffb3d6c1b54b56544ef099318e58ba7c5acca6e30cc9bc20ab45fb0fc31f2d157b7c1402455bf680542c

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
          Filesize

          2KB

          MD5

          56746b021a8ab5a0050ed365a5f2aeab

          SHA1

          2556953fa2a35b754d47dfda2b19239cd600182c

          SHA256

          e576e433adc2677eecf96e909a7401ac8f6780ac098533f6c85860e16e6ed1a0

          SHA512

          d667d7c7f4c3a8d4b3bbd09268c5a4a7889c4b6d9638eee21baed7789584d2a674b587d422e9351369be0a2174bcd59e72e37f0a3ab8c06074b8f238a5929d2d

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
          Filesize

          2KB

          MD5

          2eee2f043a016d46bd92fc1e00939645

          SHA1

          14a27d454e8efd902f20548beb855912f4a385eb

          SHA256

          4ec44827141d097a1ae341ac47dfc4e4435bc5e3a45f288333fdf4584f6e5d83

          SHA512

          908609515383a4e8b960012118f3045015f5c66706c6e369dc54551d20cd635ccaeb50ef25d6237802b922c42fac3cd42efe29995e5974a96638c95aad563e89

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          681B

          MD5

          6dacc7f427a7688b10abf7cb52cff0fd

          SHA1

          a4b59f5bbc3e6e8530fe76fea7b9b1ae4b23f654

          SHA256

          4a04e72d3c2d9cf6deddbbdd68badb1d65ee8be32128a1ab5ac3f7cf50189de3

          SHA512

          e75b6d83d05fc7758ee1525f547959d8f2d2b1925ac6813bf350689d73bbbad851cb31436f09e0bb7a24bc84efbc54e7a0c7ac6591a0bfcdead2de5eb0d1af37

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          745B

          MD5

          f550f1aa2400f8e3db23dfb46df08f9a

          SHA1

          e60f12f4d9a9c875340db0c9f66d909bb05331fb

          SHA256

          ec40d51e770d95c90d42e2799d037c6613ef10c16452d4f8804b2071eb3cfcaf

          SHA512

          4065186bb4f9e35bdb4c280038c9e12b53c5beefd2eea94a4d079f1d0a5327fa5f3dc3cca65292035d058d9e17295f4167c35c8aee5277b625a3f0d2302b660a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          802B

          MD5

          378ae944a594c613efe4d9ab82a5937d

          SHA1

          1b250e45e3c893446686c5ce18727b619f84e478

          SHA256

          f96bb396a9c356399903383de57e60b31cd15c64ae7150bf6c60737ae9c0283a

          SHA512

          93e8a46a5c0eb8020341ec936529e9e473282dd633c4b9e3404d393e4a8206087d0ebc6a168dc9e5c8ddefbf20eacc681c73cc9d799a054e3df3e646f2269056

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          312B

          MD5

          0c04ad1083dc5c7c45e3ee2cd344ae38

          SHA1

          f1cf190f8ca93000e56d49732e9e827e2554c46f

          SHA256

          6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0

          SHA512

          6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          424B

          MD5

          218e3c44d40846f6ea4f96cd356480d4

          SHA1

          91091147d90a40a30ade2120b3d53dd8bfe5240b

          SHA256

          45ddeba20042060729d188327a7401ef60c53db02154c126aeb1b93ca437a38a

          SHA512

          c60b5299d67cf6afa90f34d8d2a0653047db9108fed185949eb8405fd5753960b72e2059a36ebea93b55f30b9122be40353af867c9e579ef7834287bb495af7f

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
          Filesize

          424B

          MD5

          9551e481c55a226a2f23818f72a9b4e6

          SHA1

          d0fb0134d784126c8fc45cceeca6c67d8b12ef55

          SHA256

          433d2df39c26149aefd33a9e2c343adda0bc2b6c05ae69f14e52036f896851e6

          SHA512

          c1f1c4ce5632f54aac6961cedab894ba80bd35e5f82e35af76be0c0f409d608afdbbc5fc7dc8c6bec9b486fa9358f0f264070e1a979c6a158f87af0bcf9f3a1d

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          2KB

          MD5

          3e1daf0c702f6d03e50a87940d220e28

          SHA1

          36f5080618cb2c1f452c9875c9a87826edd959da

          SHA256

          7b1fead8f26e359230977c799ab6bf71a699aa0caa7c84cec8ae3ad6a637f869

          SHA512

          f697f783345001822b4ba1e4811a56a98cb9ae4644f5b72ba4b98c32fa07eb17d36b70a0d1fbe443b559924ab0460c47fbf26dfc8cf6bef587acf24dea35ca7a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          3KB

          MD5

          b3e99c97c1d003ddad7cb37c6b0104ce

          SHA1

          282d641246db041585c63222c4663a87afb6711f

          SHA256

          1a4f5d274b1e8d5d7ccb1640157d057a06877ad75e1a1c87b3a4b3bd3bd230b9

          SHA512

          f41996fa84d03b093f0bcf011cca778e61a30fb860b3d9409fc7a1b8edbf8e1f7c065e986b7e5bc197c4e83b6b5aa2bd31f4e93a0790dac6b34e59fe919f9177

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          3KB

          MD5

          7b1f7d083378506b8fff4d3a7f4ddaae

          SHA1

          c0d6566607401a0a67f3953e7b9767dddf18f47a

          SHA256

          8f767ad612c593ef3c6349b04bdc0c19174df637c1fa9fa04bd2e92ae13d06a7

          SHA512

          d74bbcd12ab5a1841f054d47f6fd338942bcdb8f6612268d3da0d7b3bbf3f77d543634d8af434a7c4834733318b60f998ba7b74cc955420a20195608aca4cb45

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          6KB

          MD5

          427110a8771ce3189ecf2e7a9b7165d9

          SHA1

          19c4f47e7f84a28b5a988e2fe32943d8dd23f3ac

          SHA256

          1aa33d0552383736b6128bdf97cac0db30b535ac0cb32cce6abc0d2ff68d82c7

          SHA512

          e2088f93d0a094eae67e07ef3d0bfc47e28ba2e540a878602ac94dc998f313902181c434d8e5c1b71636ed4eb15796d77e4a3a5428730cb1dbcfe0ff48bad590

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          1KB

          MD5

          b7470412c8f599984559d55502ba8632

          SHA1

          a0aeb9b27f626095fa242c2d82e54f20b4df66e0

          SHA256

          056b564016a7a16e8772680431f8d8b10ce1f8bb0828b7f5afdbe34fbf418b71

          SHA512

          4ebb1f98c70a7503c108ead0bacd8c3e9b32fd2da21627d01cba226fc715e559e5229f5ee47e6f9e3306c28fb9beadbb58d5c31be74f7d424b158cd5cdfb9568

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          1KB

          MD5

          d9f8887d1b22e7041cb7d7879515563f

          SHA1

          7e3b0f4586cc8d1b58da710ba2e2a681315f635f

          SHA256

          d4d72925970505158aeb0cf3281a8af2c961a775ee3bbb1055c516ab0724dd2b

          SHA512

          e7709ffb3f2761d83d6cfddd8fa300e0396461c65fd12ed9dcff8f6c47f12c52df9accc309ae5a17f4f663b9d499c41d46ebc55e122573852c62d75ff7c0a73a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          1KB

          MD5

          b73775ccc5f96f6508c1fdfad4cd9649

          SHA1

          c125f0bc985f911ee9624319dbb1fae8019f686c

          SHA256

          3da4615bcaa0954e2fa3758663482d787b873fcd910bea4fbcc5353ca36bd74e

          SHA512

          f71fcd69dc2fe51600e0cf33c631bf4ea6280cbdaca4e9e3bff2e61cbbbe72f4c2d146da41a0a24569480747bd26951818498edcae750c8d0a6beefd808d19fb

          Download Submit

        • C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
          Filesize

          1KB

          MD5

          af09e72528fae5ed02502e8381cde8d0

          SHA1

          c73359c9a77bdd63e685a935a234eb27ebf85e87

          SHA256

          38397e8214e6c9629bef6655ec1aaa031d34af2c0675fbb5879281dee7e84202

          SHA512

          ac482333153a7d1808ae712fd91df20577d9e08bcd3ee25a530cc215f33880288b2b2a28e4909262f79f9c05aae4db4fc1b09255e9a9c6c33f729fd44cf27d73

          Download Submit

        • memory/1556-223-0x0000000007350000-0x0000000007351000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1556-84-0x0000000007340000-0x0000000007341000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1556-233-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/1556-22-0x0000000005C70000-0x0000000005C71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1556-1-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/1556-21-0x0000000005C80000-0x0000000005C81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1556-81-0x0000000005D70000-0x0000000005D71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1556-0-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/1556-4-0x0000000002380000-0x0000000002381000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2112-12-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/2112-31-0x0000000002640000-0x0000000002641000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2112-235-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/2452-25-0x00000000009C0000-0x00000000009C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2452-11-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download

        • memory/2452-236-0x0000000000AA0000-0x00000000021D7000-memory.dmp

          Filesize

          23.2MB

          Download