Analysis

  • max time kernel
    55s
  • max time network
    57s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250502-en
  • resource tags

    arch:x64, arch:x86, image:win11-20250502-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    20/05/2025, 00:21

General

  • Target

    STD.exe

  • Size

    6.3MB

  • MD5

    a27f9ce9ac43ae753d3d59e1b007ae29

  • SHA1

    ccd637f9b510c880fa09867538c6faae29ed097e

  • SHA256

    7a594591ece534e74299e4660ac0e2c458fca1136920f68904b6408c7e7e1071

  • SHA512

    5fbbcc6761e63a4091bd38bf729c5b88bf51025c3e5d2f9d9303d7816a56ad8fb7ada0cc5e2f347e827ba5ea2e5e3337fd432f3c0428872464ce5d0cd8a58fd2

  • SSDEEP

    49152:+GtlqY4VwASO79dY53/Gt/rTNtEb/UtjJFp1KktehlJzigH1oK9MtSc7iGv/T28i:rPWYbeyRhuRRzEDXb19AfyS+gJ0WPV7

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTP, 6 IoCs)
  • Looks up external IP address via web service (2 IoCs)

    Uses a legitimate IP lookup service to find the infected system's external IP.

Processes

  • C:\Users\Admin\AppData\Local\Temp\STD.exe
    "C:\Users\Admin\AppData\Local\Temp\STD.exe"
      PID:1968

    Network

          MITRE ATT&CK Enterprise v16

          Downloads