b9dbdd3444445ce02cab79fc62117bf55a61eb921228150e11ed540cf1fcd4e0 | Triage

Submit
Reports

Overview

overview

Static

static

HTTP-RAND.js

windows10-2004-x64

3

HTTP-RAW.js

windows10-2004-x64

3

HTTP-SOCKET.js

windows10-2004-x64

3

Hulk.js

windows10-2004-x64

3

MINECRAFT-SLAM

windows10-2004-x64

1

OVERFLOW

windows10-2004-x64

1

cybersec m...ol.exe

windows10-2004-x64

destroy.pl

windows10-2004-x64

3

flux

windows10-2004-x64

1

god.pl

windows10-2004-x64

3

home.pl

windows10-2004-x64

3

http1.js

windows10-2004-x64

3

https-spoof.py

windows10-2004-x64

3

hyper.js

windows10-2004-x64

3

ldap

windows10-2004-x64

1

nfo-killer

windows10-2004-x64

1

ntp

windows10-2004-x64

1

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
28-11-2024 08:05

Sharing

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

HTTP-RAND.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

HTTP-RAW.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

HTTP-SOCKET.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Hulk.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

MINECRAFT-SLAM

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

OVERFLOW

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

cybersec multitool.exe

Resource

win10v2004-20241007-en

umbral discovery execution spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral8

Sample

destroy.pl

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

flux

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

god.pl

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

home.pl

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

http1.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

https-spoof.py

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

hyper.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

ldap

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

nfo-killer

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

ntp

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

OVERFLOW
Size

2.4MB
MD5

a42324136a2a88cd916cf3b7bb8dd816
SHA1

78fee932dbe59b8167f671a9a622762fcf08be88
SHA256

b56ceef3b75283daaa7c068a84844a588d97ea167035f9bf8573e38ef21dd8fd
SHA512

72dd1f1424324fdca7f9ef23e9fa3b18b6e90103a898c442ca3e1577c3bd708d0c769c1617be9a2390e7e756e8fcfde86156e04d6e7ed2d753271db3414b2be1
SSDEEP

49152:61zeH79Blf9KGmIYk4gJKgtLTxiU5rPPt:4wBt9KFIP4gbi8t

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\OVERFLOW
1⤵
PID:2396

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy