Analysis
max time kernel: 103s
max time network: 138s
platform: windows10-2004_x64
resource: win10v2004-20250502-en
resource tags: arch:x64, arch:x86, image:win10v2004-20250502-en, locale:en-us, os:windows10-2004-x64, system
submitted: 20/05/2025, 00:23
Behavioral task: behavioral1
Sample: STD.exe
Resource: win10v2004-20250502-en
2 signatures
150 seconds
General
Target: STD.exe
Size: 6.3MB
MD5: a27f9ce9ac43ae753d3d59e1b007ae29
SHA1: ccd637f9b510c880fa09867538c6faae29ed097e
SHA256: 7a594591ece534e74299e4660ac0e2c458fca1136920f68904b6408c7e7e1071
SHA512: 5fbbcc6761e63a4091bd38bf729c5b88bf51025c3e5d2f9d9303d7816a56ad8fb7ada0cc5e2f347e827ba5ea2e5e3337fd432f3c0428872464ce5d0cd8a58fd2
SSDEEP: 49152:+GtlqY4VwASO79dY53/Gt/rTNtEb/UtjJFp1KktehlJzigH1oK9MtSc7iGv/T28i:rPWYbeyRhuRRzEDXb19AfyS+gJ0WPV7
Score: 6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2
1 TTPs, 7 IoCs
flow  ioc
43    discord.com
50    discord.com
75    discord.com
8     discord.com
9     discord.com
12    discord.com
42    discord.com

Looks up external IP address via web service
2 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
flow  ioc
1     api.ipify.org
3     api.ipify.org