Overview

overview

6

Static

static

3

DDoS Tools...1s.exe

windows10-2004-x64

1

DDoS Tools...oS.exe

windows10-2004-x64

1

DDoS Tools...IC.bat

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

6

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools....0.exe

windows10-2004-x64

1

DDoS Tools...oS.exe

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools....0.exe

windows10-2004-x64

3

DDoS Tools...V1.exe

windows10-2004-x64

3

DDoS Tools....1.exe

windows10-2004-x64

3

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools...e].exe

windows10-2004-x64

1

Resubmissions

06/03/2024, 22:01

240306-1xfcxsaf94 7

06/03/2024, 21:58

240306-1vjmkaaf42 6

Analysis

  • max time kernel
    157s
  • max time network
    165s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 21:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DDoS Tools Legacy/Shockwave Booter v2.0.exe

  • Size

    282KB

  • MD5

    1c72942961917ccf4fc5be1e823ab4cb

  • SHA1

    22b121e28b9032de93b78a35e5c959409dadd06f

  • SHA256

    e8e3502a3efcbf9066a9567267c8d502c0fa700aa2c28a462bdf01f5b76ed4e3

  • SHA512

    1f82afacf464bf69d7a9e873760df904b83aacb99d4d15b3790c36577283f5c630fe1a4c2d2157726892a7cf33864a20faf4f97ef57d5ece577f4d657b702432

  • SSDEEP

    3072:iBLrUT/xMKVFXy/kURpUPITEN6AwZlv4/xMKVFXy/kURpU8oI:iBLrA/OWly/oRw/v4/OWly/oXI

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DDoS Tools Legacy\Shockwave Booter v2.0.exe
    "C:\Users\Admin\AppData\Local\Temp\DDoS Tools Legacy\Shockwave Booter v2.0.exe"
    1⤵
      PID:4284
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 800
        2⤵
        • Program crash
        PID:4792
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4284 -ip 4284
      1⤵
        PID:2140
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1348 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
        1⤵
          PID:3012

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4284-0-0x00000000744E0000-0x0000000074C90000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/4284-1-0x0000000000740000-0x000000000078C000-memory.dmp

          Filesize

          304KB

          Download

        • memory/4284-2-0x0000000001240000-0x0000000001243000-memory.dmp

          Filesize

          12KB

          Download

        • memory/4284-3-0x0000000002B10000-0x0000000002B11000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4284-4-0x00000000744E0000-0x0000000074C90000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/4284-5-0x0000000001240000-0x0000000001243000-memory.dmp

          Filesize

          12KB

          Download