Overview

overview

9

Static

static

sample.exe

windows10-1703-x64

9

Resubmissions

16/09/2022, 21:47

220916-1m7z7agfe9 9

29/05/2021, 07:24

210529-362q33faf6 9

Analysis

  • max time kernel
    151s
  • max time network
    85s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    16/09/2022, 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.exe

  • Size

    2.2MB

  • MD5

    88af65ad6b23ee2f9745ddacff604748

  • SHA1

    7636ea6f26c50379256b2507b7c21ecf45ad1d80

  • SHA256

    641156d7dcbfa28f469a4df5e49c46efd4af299d418324cf108aa50aa7d7f2b0

  • SHA512

    eface5855e358335336dadf3fda622a5609f0acacac10ab186a248c8b22e09ca1ed16e5d1d20021ba72950bb7189c3b3896c9adc513eb3caebca8bf8827b149e

  • SSDEEP

    24576:29hQ8C9v6GzcSVh+fSXCi/Q5ZAi2JXbAa5PVtFqDaujMhPl6mfWIqvgVT6ppT:UqweDaaimr95XcDaujydPWIqoVT6/

Score
9/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sample.exe
    "C:\Users\Admin\AppData\Local\Temp\sample.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    PID:2584
  • C:\Windows\system32\taskmgr.exe
    "C:\Windows\system32\taskmgr.exe" /4
    1⤵
      PID:4784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • \Users\Admin\AppData\Local\libeay32.dll
      Filesize

      618KB

      MD5

      7e1120e9859ef51ceb23f8c95ae76c5f

      SHA1

      7a8ee97008f3af5c198f108253a76f943ab7f2e1

      SHA256

      d8f43a3e9e58577901a1eadb64bab038f58fb2b38dd577d0a8856e46f0230fbc

      SHA512

      fbf0bb649102a04f1ae2ec5b169745f0303b4edf0b77e7fee6df8b7a34e6e271946d7c1c82ecc6f27a066832fb998aedf1112f3c884a836ffb5375d8ac97c208

      Download Submit

    • \Users\Admin\AppData\Local\ssleay32.dll
      Filesize

      152KB

      MD5

      186de2eaddf7aedc3c54296ab44d1161

      SHA1

      71380a0c8277a03304286d8a835c639020c0f3a3

      SHA256

      07ed634c604a5b009aa718fc44b4aa42e55214c829ebbd7382ec385c295cdc8b

      SHA512

      1366571bee8b91d34ccda16a044b03fa77dea9504f31d2b13454ea5ac1a575e61d3ae53352ae2b33217a471fe0d0b86a6f8b226bcabc439d2989d3ab1606036d

      Download Submit

    • memory/2584-143-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-163-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-121-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-122-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-123-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-124-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-125-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-126-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-127-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-128-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-129-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-130-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-131-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-132-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-133-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-134-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-135-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-136-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-137-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-138-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-139-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-140-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-141-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-142-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-120-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-117-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-155-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-146-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-147-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-148-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-149-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-150-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-119-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-152-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-153-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-145-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-156-0x0000000011000000-0x0000000011178000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/2584-118-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-157-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-158-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-159-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-160-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-161-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-162-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-144-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-164-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-165-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-167-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-166-0x0000000012000000-0x000000001205F000-memory.dmp

      Filesize

      380KB

      Download

    • memory/2584-168-0x0000000077A40000-0x0000000077BCE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2584-169-0x0000000011000000-0x0000000011178000-memory.dmp

      Filesize

      1.5MB

      Download