b9ad79eaf7a4133f95f24c3b9d976c72f34264dc5c99030f0e57992cb5621f78

Analysis

max time kernel
0s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
03-05-2024 10:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AnyDesk.exe
Size

3.0MB
MD5

eb80f7bddb699784baa9fbf2941eaf4a
SHA1

df6abbfd20e731689f3c7d2a55f45ac83fbbc40b
SHA256

b9ad79eaf7a4133f95f24c3b9d976c72f34264dc5c99030f0e57992cb5621f78
SHA512

3a1162e9fef849cb7143dc1898d4cfcfd87eb80ced0edb321dfa096686b25ae8a9a7f3ae8f37a09724d94f96d64e08940fc23c0b931ddd8a1e70e2792cb3fe47
SSDEEP

98304:6aJXyQTrRGlSMoIuORmKBQielvZlpkiSti:3olMcR9BTY3WS

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
1⤵
PID:4300
- C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-service
  2⤵
  PID:3140
- C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe" --local-control
  2⤵
  PID:4932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace

Filesize
8KB

MD5
43a4b64889cce75d092d254b9596df6f

SHA1
a95f01d217b52a742d0c16c6aba03c0a6582c2d5

SHA256
0d47531f6f98ff65eee1b8a36e4488a8fc3303c2b871308afe69c5d275a91ff1

SHA512
bcc451ebb61e2de486f5f7da06de34fb4666586b9ce38ad9d578cdc44cac37ba412cc44d2b2018c29f2980b40d2d1663b66862dcd7da98c0ead03ccdbb704d3d

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf

Filesize
2KB

MD5
b1656cbb7d6a84dd5764495e719c1c5a

SHA1
f341d59f2d36f4e051beb98095f044d66f56d6d9

SHA256
9796c58ec979a39ca8492a2200044c313d9f2ddc6b4b77983aa6218666a19655

SHA512
9177fa185b81aa5d6c473cb562878eaa836b6ae990c2c3f70acf81a0d7160ae0f8774044f2f64fda48bbe4c6bda8f708f6d4e508204141764235976b59ad998e

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
105B

MD5
6c25e6aa62e92ca880459208d9558de8

SHA1
12a2b024a1ab81ed3b34d1aa13d4f2b77570e94e

SHA256
03d12abf7dcab4a8efb541655b90f537faf41b4de44ec988ccc15a207ce0014c

SHA512
72ddd778d8da2fd73e8cc047b9c65bc627dfa08b73352636704ccae66be147befbc076fa3928fa09004a06ea58d5e3e08755a5571b67dfdf12cc559b93ea6b2b

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
107B

MD5
4e2c450f8608a6c5c588263cac6c77f8

SHA1
c59aebcc558653ee9af8312fb15fa8fd8a8251ca

SHA256
7a050c423d52bd434e450dfdc9d68f859dc5594f60cb77e9e56064a1e4b3fd4b

SHA512
f7fd266041d7bab9f6b8c437eceebf7a486f0058ea60001de3b49a7c8e07fec838703e1c89269f1032d4f982e4a5400c7aa7153596196aaa37067c580181419f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
205B

MD5
8de8fc89da2be4215e5dfa0c997e77f0

SHA1
3557df07a7d459c6506763eb69130a7e7049d6c1

SHA256
dabab62439eb2686b581086c360eebd27a4d30d65b61983b37c48eac92a9e32f

SHA512
55c5405a668808004841a416ee88ed9f83950d648fc5a2cbd82fa131e28ac7f15ef26878f732db5d940de6988cade4799aca0de25f49e857a0a74270317784a8

Download Submit
memory/3140-20-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download
memory/4300-2-0x0000000000A04000-0x0000000001313000-memory.dmp

Filesize
9.1MB

Download
memory/4300-1-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download
memory/4300-4-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download
memory/4300-13-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download
memory/4300-17-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download
memory/4932-18-0x0000000000A00000-0x0000000001612000-memory.dmp

Filesize
12.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads