Malware Analysis Report

2025-03-15 03:42

Sample ID 250125-f1hbgaxpa1
Target Frat.exe
SHA256 f19de3ad6a5bfa72e0f4afb9c89dfc3b1b82c0c0abcccff3b141c9e93cc12fe9
Tags
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

f19de3ad6a5bfa72e0f4afb9c89dfc3b1b82c0c0abcccff3b141c9e93cc12fe9

Threat Level: Likely benign

The file Frat.exe was found to be: Likely benign.

Malicious Activity Summary


Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2025-01-25 05:20

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-25 05:20

Reported

2025-01-25 05:20

Platform

win7-20240903-en

Max time kernel

26s

Max time network

16s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Frat.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Frat.exe

"C:\Users\Admin\AppData\Local\Temp\Frat.exe"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2025-01-25 05:20

Reported

2025-01-25 05:20

Platform

win10v2004-20241007-en

Max time kernel

30s

Max time network

24s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Frat.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Frat.exe

"C:\Users\Admin\AppData\Local\Temp\Frat.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
US 8.8.8.8:53 udp
N/A 20.109.210.53:443 tcp

Files

N/A