Analysis
max time kernel: 145s
max time network: 147s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted: 13-02-2024 09:06
Static task: static1
Behavioral task: behavioral1
Sample: 99048dc891324a9de0b549076284c98a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 99048dc891324a9de0b549076284c98a.exe
Resource: win10v2004-20231215-en
General
Target: 99048dc891324a9de0b549076284c98a.exe
Size: 268KB
MD5: 99048dc891324a9de0b549076284c98a
SHA1: 985b40edf121261194441c7d97eb214e8cb83c6a
SHA256: d00870fd26e1b59d194c932205acbf3ffc11590f1ef6109693f7b80a1227e106
SHA512: 0ba9b1f8291fd53c1a9604c54918442b578e33153236ea0d666a4b5d99d21433e7e72add62b3358fd145cbbd3fe8330bf18b43cf70e09dbf17ffd301c256fe19
SSDEEP: 3072:ZAlHTUPEvM/1uCYVtY9fmTjBv0gbdoPmtTBfI2plsct0:2lHTZE/sHY9OTlv0OdoPmtTBpplsc2
Malware Config
Signatures
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description | ioc
Destination IP | 107.178.223.183
Suspicious behavior: EnumeratesProcesses 48 IoCs
pid | Process
1544 | 99048dc891324a9de0b549076284c98a.exe