Analysis
max time kernel: 55s
max time network: 57s
platform: windows11-21h2_x64
resource: win11-20250502-en
resource tags: arch:x64, arch:x86, image:win11-20250502-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 20/05/2025, 00:21
Behavioral task: behavioral1
Sample: STD.exe
Resource: win11-20250502-en
2 signatures
150 seconds
General
Target: STD.exe
Size: 6.3MB
-
MD5
a27f9ce9ac43ae753d3d59e1b007ae29
-
SHA1
ccd637f9b510c880fa09867538c6faae29ed097e
-
SHA256
7a594591ece534e74299e4660ac0e2c458fca1136920f68904b6408c7e7e1071
-
SHA512
5fbbcc6761e63a4091bd38bf729c5b88bf51025c3e5d2f9d9303d7816a56ad8fb7ada0cc5e2f347e827ba5ea2e5e3337fd432f3c0428872464ce5d0cd8a58fd2
-
SSDEEP
49152:+GtlqY4VwASO79dY53/Gt/rTNtEb/UtjJFp1KktehlJzigH1oK9MtSc7iGv/T28i:rPWYbeyRhuRRzEDXb19AfyS+gJ0WPV7
Score: 6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 6 IoCs)
flow  ioc
2     discord.com
5     discord.com
6     discord.com
7     discord.com
8     discord.com
9     discord.com
Looks up external IP address via web service (2 IoCs)
Uses a legitimate IP lookup service to find the infected system's external IP.
flow  ioc
2     api.ipify.org
3     api.ipify.org