Overview

overview

10

Static

static

10

AnyDesk.exe

windows7-x64

1

AnyDesk.exe

windows10-2004-x64

1

Archevod_XWorm.exe

windows7-x64

10

Archevod_XWorm.exe

windows10-2004-x64

10

ClickMe.lnk

windows7-x64

8

ClickMe.lnk

windows10-2004-x64

8

Cmstp.bat

windows7-x64

10

Cmstp.bat

windows10-2004-x64

10

GoogleChrome.exe

windows7-x64

10

GoogleChrome.exe

windows10-2004-x64

10

Hidden_Und...on.ps1

windows7-x64

8

Hidden_Und...on.ps1

windows10-2004-x64

8

Hidden_magic.vbs

windows7-x64

3

Hidden_magic.vbs

windows10-2004-x64

7

Manage.bat

windows7-x64

1

Manage.bat

windows10-2004-x64

1

Night_uac/...in.ps1

windows7-x64

8

Night_uac/...in.ps1

windows10-2004-x64

8

Night_uac/...ge.ps1

windows7-x64

8

Night_uac/...ge.ps1

windows10-2004-x64

8

Night_uac/...gen.py

windows7-x64

3

Night_uac/...gen.py

windows10-2004-x64

3

Night_uac/amsi.ps1

windows7-x64

3

Night_uac/amsi.ps1

windows10-2004-x64

3

Night_uac/amsi.ps1

windows7-x64

3

Night_uac/amsi.ps1

windows10-2004-x64

3

Night_uac/command.ps1

windows7-x64

3

Night_uac/command.ps1

windows10-2004-x64

3

Night_uac/down.ps1

windows7-x64

8

Night_uac/down.ps1

windows10-2004-x64

8

Night_uac/...gp.ps1

windows7-x64

3

Night_uac/...gp.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-10-2024 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AnyDesk.exe

  • Size

    2.9MB

  • MD5

    7cd339f9be1417421acf8790c9738922

  • SHA1

    c25eff4d9d2d5b55f1cc4ffc623354004565e8b9

  • SHA256

    ec0ec7ce8ef71cb7e7d1c2418c47ad94cea8833db8578ccdf94271f8efed38d3

  • SHA512

    f118ea660a51ff38abc20a9ad16f6505cf8a862df1b564829d9af06710e0c4b91d0abbedc4b852696acf0e807a25138d82c2fc518cd54c32dba92f513467b411

  • SSDEEP

    49152:vAOdl4d7NHNUb75uEEbOyYWHxL9X5zT/dPUAUA/JH:El8DFWHTN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe
    "C:\Users\Admin\AppData\Local\Temp\AnyDesk.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:5084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    e80fff3d64d64522346ca0b5772041a9

    SHA1

    f0770ac2627626c0abdaf11040ed9ae78adce4d2

    SHA256

    8e3608e0050403214aaed47fae9b5caf880ee157e3a968efe06fd57f58fbb5d8

    SHA512

    e759a024641919284618a06b67356895a8bfdddbc7fcf8b2d2eb437b5d865f8513096b63bb23e0b9f56d43770246c2ac25fb36473874076440c16597c30e1647

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    398B

    MD5

    0a0fddeea3fcacf9781b268a25c0b0f2

    SHA1

    e2fba639ed0ed2e625c86db11209cad9250e36b6

    SHA256

    49312e180a2a2f6b77a022609f7f2ff3a9e03c6c071407b5d7e5424838df7fb5

    SHA512

    ee7df3a575e702182f85ab9ebcf53b30214d8c5e79da873f5175e11dfe5d88e0473c68d694d74f90900e0b0f55e5f7fe3978bac83de302de07abbcec85909c15

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    2f516e907bc8c76050ff2a2abb54c607

    SHA1

    0b703e291a6cfc1c9cd1983024e2b732cae20458

    SHA256

    12fdfa094fd1bcb8347496adac511ae3a9549020ca72893a6ff23ef8ce424140

    SHA512

    d974699c65c438bfc0e8efe94891746cc5398c11fdca6787a6ffcb9955cc2340100f4321a94b789cae5e3521f59951c4cf0e57c9789900f1e977b554d2b38eee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    197B

    MD5

    b008259a68acac2b0aaf34e026d15071

    SHA1

    697bbff22fc653958fdc5dfe347b63b55a9fbd8c

    SHA256

    a5625ec5efa960befa86a4dc8d52ff2d5aed4f4e960e05fb9a9e57549adc5eb3

    SHA512

    34c79dc94ac76d25bce366761aa9011768031c851cb1b82b76377d99150d14d7aa54b2c55012d65158b5ac08da078672a9c3f98d61708a248460a390630bfbcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    7571447e604ff350424e55d498d72c6e

    SHA1

    f3f08e2adeb1a881dda0e822bc1c99705b67598c

    SHA256

    473e9647ff8913d6cea6264a879cfe376154c0784e5d990f4339d88f6becdb41

    SHA512

    158f892ccb17135b824701dc3581f13e8dc7cc7d814fd47434d305147dbe5479e0253bad30fcfc8da14f559f8b89c557b839bc513ace751436bb4fcb0de20a59

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UltraVNC.ini
    Filesize

    1KB

    MD5

    7573fd92ecd20ce803d26761a4507800

    SHA1

    eeb2517e35e87f610c7849584433a48d35bb86a5

    SHA256

    44f92af116d9c80d3d5936f56edf7ac3b804df9e4a8a4a68bd273223388de6e6

    SHA512

    5d15b6f71b059283e508bfe30050dff4b5d315aabae71f3f40ef97b1c665be641ecc5be8ac3aba05ac691a45b8200ba5c1f60bc048e09d3f5812c8cfc8731ebc

    Download Submit