Overview

overview

9

Static

static

3

UDP Flashf...uS.exe

windows11-21h2-x64

9

Resubmissions

13/06/2024, 02:19

240613-cryejsvcjr 9

13/06/2024, 01:54

240613-cbr8lazfpb 9

Analysis

  • max time kernel
    1048s
  • max time network
    257s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/06/2024, 01:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    UDP Flashflood v1.0/UDP Flashflood v1.0 by BrutuS.exe

  • Size

    48KB

  • MD5

    5e2bed0f69ceef0fbd181db6de19968a

  • SHA1

    fd9b1c2b9df237cb8f81ff74a4de9dbd83b25690

  • SHA256

    cf272129a609777249355a1a1bef6d0748f0d096f01ce753fca83c0087062199

  • SHA512

    ead9984e551897877838256b521486bc54990526b00451f05ed887453c4f0ce471f4fffde58bce8e36c545c121b8221df08e5dcf7378f2443f47f631fbf514f6

  • SSDEEP

    384:IHZ8f14uBhVwLpxtaZSJCI/Qu5GbcelVCkOe:Iaf2uB7ZS4WqceDCX

Score
9/10
discovery

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Unexpected DNS network traffic destination 64 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

  • C:\Users\Admin\AppData\Local\Temp\UDP Flashflood v1.0\UDP Flashflood v1.0 by BrutuS.exe
    "C:\Users\Admin\AppData\Local\Temp\UDP Flashflood v1.0\UDP Flashflood v1.0 by BrutuS.exe"
    1⤵
      PID:3804

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3804-0-0x00007FF836345000-0x00007FF836346000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3804-1-0x000000001BEF0000-0x000000001BF96000-memory.dmp

            Filesize

            664KB

            Download

          • memory/3804-2-0x00007FF836090000-0x00007FF836A31000-memory.dmp

            Filesize

            9.6MB

            Download

          • memory/3804-3-0x00007FF836090000-0x00007FF836A31000-memory.dmp

            Filesize

            9.6MB

            Download

          • memory/3804-4-0x00007FF836090000-0x00007FF836A31000-memory.dmp

            Filesize

            9.6MB

            Download

          • memory/3804-5-0x00007FF836345000-0x00007FF836346000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3804-6-0x00007FF836090000-0x00007FF836A31000-memory.dmp

            Filesize

            9.6MB

            Download