b39077abc8a7fc1872f12c37dc878983dd79f7ed6328532e8812ceff3c71399e | Triage

Analysis

max time kernel
115s
max time network
117s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22/07/2024, 09:41

Sharing

Report Analysis Logs

General

Target

94ad09d7380639554d603bfdcc7c1140N.exe
Size

182KB
MD5

94ad09d7380639554d603bfdcc7c1140
SHA1

e09c719e2630643c644a55e67af96ef5c8830a4a
SHA256

b39077abc8a7fc1872f12c37dc878983dd79f7ed6328532e8812ceff3c71399e
SHA512

dc728be5fc7ed48bdb08c10d8e94ba74f8cda600879b813e9b954e689bf7826c23d294fa045c4ccd61cf47b642bad2f8d597ee99c5cf6be55e35661b9363560e
SSDEEP

3072:IfKPw/6Nb8lZtYpDzo83H6JrgboTlyMvXOqms0itTBf28VP6Z8g:AKP9NCZt8zErgsTlXvXBmJitTBe8Vq

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 1 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	107.178.223.183

Suspicious behavior: EnumeratesProcesses 36 IoCs

pid	Process
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe
1700	94ad09d7380639554d603bfdcc7c1140N.exe

C:\Users\Admin\AppData\Local\Temp\94ad09d7380639554d603bfdcc7c1140N.exe
"C:\Users\Admin\AppData\Local\Temp\94ad09d7380639554d603bfdcc7c1140N.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads