Overview

overview

10

Static

static

8

8492772ab8...26.exe

windows7_x64

8

8492772ab8...26.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    19s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    01-07-2022 03:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8492772ab8cba85be77602b00a06b8cc46c2beeecca0c8d52f6b141dc5d50e26.exe

  • Size

    907KB

  • MD5

    77f36f1ae786cf0835ce574b81668db6

  • SHA1

    0987f5681d484ad149890a585766a013cf3b64b3

  • SHA256

    8492772ab8cba85be77602b00a06b8cc46c2beeecca0c8d52f6b141dc5d50e26

  • SHA512

    be477e9ab39c00adc55a24fe4893f835e1475ede17a4632c9359d31064f870edf9639c51550615bfce82e34f5265ab01880099550fa1a4b4d6c9d8be95cdd27a

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • AutoIT Executable 2 IoCs

    AutoIT scripts compiled to PE executables.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8492772ab8cba85be77602b00a06b8cc46c2beeecca0c8d52f6b141dc5d50e26.exe
    "C:\Users\Admin\AppData\Local\Temp\8492772ab8cba85be77602b00a06b8cc46c2beeecca0c8d52f6b141dc5d50e26.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1696-54-0x0000000076171000-0x0000000076173000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1696-55-0x0000000000070000-0x0000000000261000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/1696-56-0x0000000000070000-0x0000000000261000-memory.dmp

    Filesize

    1.9MB

    Download