Overview

overview

10

Static

static

10

AnyDesk.exe

windows7-x64

1

AnyDesk.exe

windows10-2004-x64

1

Archevod_XWorm.exe

windows7-x64

10

Archevod_XWorm.exe

windows10-2004-x64

10

ClickMe.lnk

windows7-x64

8

ClickMe.lnk

windows10-2004-x64

8

Cmstp.bat

windows7-x64

10

Cmstp.bat

windows10-2004-x64

10

GoogleChrome.exe

windows7-x64

10

GoogleChrome.exe

windows10-2004-x64

10

Hidden_Und...on.ps1

windows7-x64

8

Hidden_Und...on.ps1

windows10-2004-x64

8

Hidden_magic.vbs

windows7-x64

3

Hidden_magic.vbs

windows10-2004-x64

7

Manage.bat

windows7-x64

1

Manage.bat

windows10-2004-x64

1

Night_uac/...in.ps1

windows7-x64

8

Night_uac/...in.ps1

windows10-2004-x64

8

Night_uac/...ge.ps1

windows7-x64

8

Night_uac/...ge.ps1

windows10-2004-x64

8

Night_uac/...gen.py

windows7-x64

3

Night_uac/...gen.py

windows10-2004-x64

3

Night_uac/amsi.ps1

windows7-x64

3

Night_uac/amsi.ps1

windows10-2004-x64

3

Night_uac/amsi.ps1

windows7-x64

3

Night_uac/amsi.ps1

windows10-2004-x64

3

Night_uac/command.ps1

windows7-x64

3

Night_uac/command.ps1

windows10-2004-x64

3

Night_uac/down.ps1

windows7-x64

8

Night_uac/down.ps1

windows10-2004-x64

8

Night_uac/...gp.ps1

windows7-x64

3

Night_uac/...gp.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18-10-2024 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AnyDesk.exe

  • Size

    2.9MB

  • MD5

    7cd339f9be1417421acf8790c9738922

  • SHA1

    c25eff4d9d2d5b55f1cc4ffc623354004565e8b9

  • SHA256

    ec0ec7ce8ef71cb7e7d1c2418c47ad94cea8833db8578ccdf94271f8efed38d3

  • SHA512

    f118ea660a51ff38abc20a9ad16f6505cf8a862df1b564829d9af06710e0c4b91d0abbedc4b852696acf0e807a25138d82c2fc518cd54c32dba92f513467b411

  • SSDEEP

    49152:vAOdl4d7NHNUb75uEEbOyYWHxL9X5zT/dPUAUA/JH:El8DFWHTN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
    "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    361B

    MD5

    3ae05f2c2c68b128224a30f0942ed44a

    SHA1

    4437fab0d9eabd1546afb505482f0e97fa3ae2a7

    SHA256

    95b7e125e69c9f6bed6b283b678d51b02b8ca08c4a9cf94b2405fc9deb859fa0

    SHA512

    2876aac406c7cd8366767e91cf3de4071ea85736a5e88c628747a626b8d752865dc2a3ec2f258a039bd3b6594d8e00149c09f582ae1b27a78efc67ad7b4dc0af

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    4015a3c0e3623cbfacdad6010153bb3d

    SHA1

    05e748fd02731706bb6dc15f0cc394fb952cd055

    SHA256

    1cd528c881d72795abd6275c7b75c08228703d2d145bf391da38436abfb7e23f

    SHA512

    7db0399cd70d9dab1a97c43739ef74bfe4fff19ebd4eac4bb8ba32185dabb00e591213ad949beab0dd3aab5a4e6c071580bacab769a46571952e19bfa09bbdba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    f64610932fcbafe21f718472271faf03

    SHA1

    2609bd5518e40fbf57ec2d7324bf97124b0e0e98

    SHA256

    1a14fe3fe2a9086ef02c1730bf236285375204f5aa5361aee7b0608c47ed9871

    SHA512

    77920ded8a2abc48d3dc5377da3426b91ce5e0044c3fc9d371fc3b907d54bf15a638dee032ad05a3259fd051cbd8a3e892f1763b9c16ccaeb9097c1de15abc93

    Download Submit