07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70

Analysis

max time kernel
153s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/03/2024, 17:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
Size

131KB
MD5

037e070528edb9b32011ddc5200c2a8f
SHA1

a9ceccc1406ddda0af682a482d088d6a45ffe4e5
SHA256

07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70
SHA512

b6825adfa5cddedc6ab2056c6107ce4be63beed955f2ad19de2d91318a1fcb503d8f856dc36b94a69a2c9636328156c53205ef260d89b9ae3b840ff9287dbd60
SSDEEP

3072:lJfuq8IzyLHIDkuketwxv+xkzuX4URMh/AIqxFID:nuq1yykutuv+xkzuSh/AIOID

Score

9^/10

Malware Config

Signatures

Detects executables packed with ASPack 3 IoCs

resource	yara_rule
behavioral2/memory/1628-0-0x0000000000400000-0x0000000000417000-memory.dmp	INDICATOR_EXE_Packed_ASPack
behavioral2/files/0x000700000002323a-5.dat	INDICATOR_EXE_Packed_ASPack
behavioral2/memory/1628-20-0x0000000000400000-0x0000000000417000-memory.dmp	INDICATOR_EXE_Packed_ASPack

Drops file in Windows directory 19 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Sims 2 crack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Doom 3 + cdfix.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike + hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 + cheat.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Quake3_hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\FlatOut(crack).exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Silent Hill 4 hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\FlatOut trainer.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Sims 2 crack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Counter-Strike + hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\FlatOut(crack).exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Quake3_hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Half-Life 2 + nocd.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2 fix.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\FlatOut trainer.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Doom 3 + cdfix.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 hack.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Half-Life 2 + cheat.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
File created	C:\Windows\win32dc\Half-Life 2 fix.exe	07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe

C:\Users\Admin\AppData\Local\Temp\07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe
"C:\Users\Admin\AppData\Local\Temp\07906137c3273659690ab31501c06ad5192d118f4102cba8cbe3c42cc9b52f70.exe"
1⤵
- Drops file in Windows directory
PID:1628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\FlatOut(crack).exe

Filesize
131KB

MD5
20f03dfa447e07bcad48a7b824958136

SHA1
a4b4647d5102540b136043821e1ebbc4d9e4f060

SHA256
6d3b9c8cea1bec170a4a90a7277ab426b13fb48191ea33df67c466f044721acb

SHA512
246c152bd099ff15c02457c81615186bc1a40a4e2a7c9a3f4bb5875de72325883e5d4547dcb9a22a3487ace88af6d53971ac33d1bd126723adc75c5aa9c045e5

Download Submit
memory/1628-0-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/1628-20-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads