Analysis
-
max time kernel
150s -
max time network
8s -
platform
windows7_x64 -
resource
win7v20210410 -
submitted
29-05-2021 07:24
General
-
Target
sample.exe
-
Size
2.2MB
-
MD5
88af65ad6b23ee2f9745ddacff604748
-
SHA1
7636ea6f26c50379256b2507b7c21ecf45ad1d80
-
SHA256
641156d7dcbfa28f469a4df5e49c46efd4af299d418324cf108aa50aa7d7f2b0
-
SHA512
eface5855e358335336dadf3fda622a5609f0acacac10ab186a248c8b22e09ca1ed16e5d1d20021ba72950bb7189c3b3896c9adc513eb3caebca8bf8827b149e
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 2 IoCs
Detects file using ACProtect software.
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\sample.exe"C:\Users\Admin\AppData\Local\Temp\sample.exe"1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\libeay32.dllMD5
7e1120e9859ef51ceb23f8c95ae76c5f
SHA17a8ee97008f3af5c198f108253a76f943ab7f2e1
SHA256d8f43a3e9e58577901a1eadb64bab038f58fb2b38dd577d0a8856e46f0230fbc
SHA512fbf0bb649102a04f1ae2ec5b169745f0303b4edf0b77e7fee6df8b7a34e6e271946d7c1c82ecc6f27a066832fb998aedf1112f3c884a836ffb5375d8ac97c208
-
\Users\Admin\AppData\Local\ssleay32.dllMD5
186de2eaddf7aedc3c54296ab44d1161
SHA171380a0c8277a03304286d8a835c639020c0f3a3
SHA25607ed634c604a5b009aa718fc44b4aa42e55214c829ebbd7382ec385c295cdc8b
SHA5121366571bee8b91d34ccda16a044b03fa77dea9504f31d2b13454ea5ac1a575e61d3ae53352ae2b33217a471fe0d0b86a6f8b226bcabc439d2989d3ab1606036d
-
memory/1084-59-0x00000000752F1000-0x00000000752F3000-memory.dmpFilesize
8KB