e5349ecc48321c93b6c60fbf814bf097f341e7d646cedaac36e1ab3f1c9ad6c3

Analysis

max time kernel
150s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2024, 09:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b86b693b33606252dbe61f8d1655ebdb.exe
Size

83KB
MD5

b86b693b33606252dbe61f8d1655ebdb
SHA1

ef000b43231582342c783cc19bb743fc5d8a6dfb
SHA256

e5349ecc48321c93b6c60fbf814bf097f341e7d646cedaac36e1ab3f1c9ad6c3
SHA512

8c743c70724ca66ed03ffe8703bc50098b57b335b83e05d43bd2d34f2276c60b52cabe1453c77ad2bc7d5bfc518510e79e80f62121eb5932c215003975475fbe
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzCBgLg1ZK6T:lV2BZVPlFlnxClFvLLcA+sPDzABC6T

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 18 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Quake3(fix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4_patch.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(trainer).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\DAoC(cdfix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\BattleField 1942(trainer).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Counter-Strike patch.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Quake3(fix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 patch.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\Quake3(cdfix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\DAoC(cdfix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2(hack).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\FlatOut(trainer).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Silent Hill 4_patch.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Quake3(cdfix).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Silent Hill 4 patch.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Half-Life 2(hack).exe	b86b693b33606252dbe61f8d1655ebdb.exe
File created	C:\Windows\win32dc\Half-Life 2_cdfix.exe	b86b693b33606252dbe61f8d1655ebdb.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2_cdfix.exe	b86b693b33606252dbe61f8d1655ebdb.exe

C:\Users\Admin\AppData\Local\Temp\b86b693b33606252dbe61f8d1655ebdb.exe
"C:\Users\Admin\AppData\Local\Temp\b86b693b33606252dbe61f8d1655ebdb.exe"
1⤵
- Drops file in Windows directory
PID:1748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Silent Hill 4 patch.exe

Filesize
84KB

MD5
907cb60cf62ab68f4bd64a696c1972fb

SHA1
868756cae98c7fb668df553e0c0c51c6fe03af99

SHA256
046b6911aab8f598d8af9c6bdaeaa61a45a9ed0fe7885d3da0bbf89260565c08

SHA512
0a6830bf3ef49b43d22e002a41ee3ab495bc474309d7fbf627fb629e8008b207cf406f1c136e8cf67911a01bb576e7472156ee5086ab59f01945701f40070e1b

Download Submit
memory/1748-18-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads