Overview

overview

6

Static

static

3

DDoS Tools...1s.exe

windows10-2004-x64

1

DDoS Tools...oS.exe

windows10-2004-x64

1

DDoS Tools...IC.bat

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

6

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools....0.exe

windows10-2004-x64

1

DDoS Tools...oS.exe

windows10-2004-x64

1

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools....0.exe

windows10-2004-x64

3

DDoS Tools...V1.exe

windows10-2004-x64

3

DDoS Tools....1.exe

windows10-2004-x64

3

DDoS Tools...er.exe

windows10-2004-x64

1

DDoS Tools...e].exe

windows10-2004-x64

1

Resubmissions

06/03/2024, 22:01

240306-1xfcxsaf94 7

06/03/2024, 21:58

240306-1vjmkaaf42 6

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 21:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DDoS Tools Legacy/WicKds Booter v3.1.exe

  • Size

    189KB

  • MD5

    914bb10e7e05eb5c0d152baa67020fd8

  • SHA1

    56a1a001a24078c601da1411169b58581c91877a

  • SHA256

    a76147a0d9c67b14c45e46790b4828d0f784121010f81aaf2c26316f95a5f477

  • SHA512

    e30e0565f679e12896995434055db3a84250a001b344fcf5c99053f61687b244c350bbe36b79e4699e7fdc79275dac95ae6cec471c8d0d4af06c172ce2d0bab6

  • SSDEEP

    3072:x91N9FDv2X1L+1geX5L3hHu/QiXkicwsXQ2p2qMg+4:x91Nzm1fQNA2p

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DDoS Tools Legacy\WicKds Booter v3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\DDoS Tools Legacy\WicKds Booter v3.1.exe"
    1⤵
      PID:1096
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1096 -s 808
        2⤵
        • Program crash
        PID:2820
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 1096 -ip 1096
      1⤵
        PID:4364

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1096-0-0x00000000008D0000-0x0000000000906000-memory.dmp

        Filesize

        216KB

        Download

      • memory/1096-1-0x0000000074B80000-0x0000000075330000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/1096-2-0x00000000051A0000-0x00000000051A3000-memory.dmp

        Filesize

        12KB

        Download

      • memory/1096-3-0x0000000074B80000-0x0000000075330000-memory.dmp

        Filesize

        7.7MB

        Download