Overview

overview

9

Static

static

3

satan.zip

windows7-x64

1

satan.zip

windows10-2004-x64

1

satan.exe

windows7-x64

9

satan.exe

windows10-2004-x64

Analysis

  • max time kernel
    1s
  • max time network
    12s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-04-2024 08:02

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown: "{\"level\":\"info\",\"time\":\"2024-04-26T08:09:44Z\",\"message\":\"Dirty snapshot: /var/lib/sandbox/hatchvm/win10v2004-20240412-en/instance_19-dirty.qcow2\"}"
Report Analysis Logs

General

  • Target

    satan.exe

  • Size

    184KB

  • MD5

    c9c341eaf04c89933ed28cbc2739d325

  • SHA1

    c5b7d47aef3bd33a24293138fcba3a5ff286c2a8

  • SHA256

    1a0a2fd546e3c05e15b2db3b531cb8e8755641f5f1c17910ce2fb7bbce2a05b7

  • SHA512

    7cfa6ec0be0f5ae80404c6c709a6fd00ca10a18b6def5ca746611d0d32a9552f7961ab0ebf8a336b27f7058d700205be7fcc859a30d7d185aa9457267090f99b

  • SSDEEP

    3072:H8SIBtQnE7OhssdWJ5jy392aCmCbBq0ryEbh/Wl7hqU6Q4NJ15xgDbvSY5thfRb3:c7qvhssdu5jyYaCmCQVE6hqUI5sb9Rb3

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\satan.exe
    "C:\Users\Admin\AppData\Local\Temp\satan.exe"
    1⤵
      PID:208
    • C:\Users\Admin\AppData\Roaming\Ilucqo\ipid.exe
      "C:\Users\Admin\AppData\Roaming\Ilucqo\ipid.exe"
      1⤵
        PID:2564

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Roaming\Ilucqo\ipid.exe
        Filesize

        67KB

        MD5

        b06d28ef2983e12c1c6eea9cf300fd0a

        SHA1

        340c15f0daf1e912aac92e92813459575f5cdc04

        SHA256

        d9f6d58f3b8bf7f91c946fa50804b3cba95a255420f40b8af008535cc7701b34

        SHA512

        ffabebdcd0f57da94b47691fe08e5bbbf3f3d43844497baf6f7d15dfe2dd3201c2cb7df16621f3ff541065ea79e09f90420ac2e977bd24071e5d43cab6585e80

        Download Submit
      • memory/2504-38-0x0000000000D90000-0x0000000000E2E000-memory.dmp
        Filesize

        632KB

        Download
      • memory/2504-25-0x0000000000B40000-0x0000000000BEC000-memory.dmp
        Filesize

        688KB

        Download
      • memory/2504-21-0x0000000000990000-0x0000000000B31000-memory.dmp
        Filesize

        1.6MB

        Download
      • memory/2528-17-0x000002F29E460000-0x000002F29E477000-memory.dmp
        Filesize

        92KB

        Download
      • memory/2552-20-0x000002181D5C0000-0x000002181D5D7000-memory.dmp
        Filesize

        92KB

        Download
      • memory/2552-27-0x000002181D5C0000-0x000002181D5D7000-memory.dmp
        Filesize

        92KB

        Download
      • memory/2564-16-0x0000000000400000-0x0000000000417000-memory.dmp
        Filesize

        92KB

        Download
      • memory/2564-11-0x0000000000400000-0x0000000000417000-memory.dmp
        Filesize

        92KB

        Download
      • memory/2636-31-0x000002003CB50000-0x000002003CB67000-memory.dmp
        Filesize

        92KB

        Download
      • memory/3408-28-0x0000000002C30000-0x0000000002C47000-memory.dmp
        Filesize

        92KB

        Download
      • memory/3408-35-0x0000000002C30000-0x0000000002C47000-memory.dmp
        Filesize

        92KB

        Download
      • memory/3652-0-0x0000000000400000-0x0000000000412000-memory.dmp
        Filesize

        72KB

        Download
      • memory/3652-2-0x0000000000400000-0x0000000000412000-memory.dmp
        Filesize

        72KB

        Download