Overview

overview

8

Static

static

9aa683a64a...c3.exe

windows7-x64

8

9aa683a64a...c3.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    91s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/09/2022, 06:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9aa683a64ad75efde2eac3dec997b4f1c24e85ba3c5344c787db2037b0148ac3.exe

  • Size

    1.7MB

  • MD5

    19738044b62603cb31addba6d3e9c1aa

  • SHA1

    06111a7fa9a8e22eae3787ddac388a95f0701287

  • SHA256

    9aa683a64ad75efde2eac3dec997b4f1c24e85ba3c5344c787db2037b0148ac3

  • SHA512

    4431670553e634099bd0a7b7f4051668ef3e8ff8302b9e5975446215e258cb1d364ad74a971fac1693bc77acb0a3456d8e69dd59af81e3ddd1f3128e66e8ff71

  • SSDEEP

    49152:dhUhAyGWv4uA+9ozsidvD4m4W6TYaXs2hG2NrBBK:oG0azsiJDADTYa82YyBBK

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 25 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9aa683a64ad75efde2eac3dec997b4f1c24e85ba3c5344c787db2037b0148ac3.exe
    "C:\Users\Admin\AppData\Local\Temp\9aa683a64ad75efde2eac3dec997b4f1c24e85ba3c5344c787db2037b0148ac3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4812

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\E_N60005\HtmlView.fne
          Filesize

          212KB

          MD5

          f9a994df4d407bc79f7c84886fe7a654

          SHA1

          c93e4be70794164b7b339218cc832ac94074d08e

          SHA256

          2e9769ace867c79d5fcdda0eb2660c52b5e062c69b36add42d22eb0dddc4b3ee

          SHA512

          41b1333ed08c10aaef3d766fec2d6b2fa4c79001d7ce18a06918c2aa8c4ade69018522882bfd4543add31efbef5e7bb450511f80dc9b580eb022cb7c406a820e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N60005\HtmlView.fne
          Filesize

          212KB

          MD5

          f9a994df4d407bc79f7c84886fe7a654

          SHA1

          c93e4be70794164b7b339218cc832ac94074d08e

          SHA256

          2e9769ace867c79d5fcdda0eb2660c52b5e062c69b36add42d22eb0dddc4b3ee

          SHA512

          41b1333ed08c10aaef3d766fec2d6b2fa4c79001d7ce18a06918c2aa8c4ade69018522882bfd4543add31efbef5e7bb450511f80dc9b580eb022cb7c406a820e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N60005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N60005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N60005\krnln.fnr
          Filesize

          1.2MB

          MD5

          1eece63319e7c5f6718562129b1572f1

          SHA1

          089ea3a605639eb1292f6a2a9720f0b2801b0b6e

          SHA256

          4bed8a6e4e1548fddee40927b438132b47ef2aca6e9beb06b89fcf7714726310

          SHA512

          13537d1dd80fa87b6b908361957e8c434ca547a575c8c8aab43423063e60cb5523fb1843a467ae73db4a64d278c06b831551e78ae6d895201f7ef0c5b162c1ab

          Download Submit

        • memory/4812-160-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-168-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-142-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-144-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-146-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-148-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-150-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-154-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-156-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-152-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-158-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-132-0x0000000000400000-0x00000000004BE000-memory.dmp

          Filesize

          760KB

          Download

        • memory/4812-162-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-164-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-166-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-140-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-170-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-172-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-174-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-176-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-179-0x0000000002560000-0x0000000002598000-memory.dmp

          Filesize

          224KB

          Download

        • memory/4812-138-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-135-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-136-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-183-0x00000000034E0000-0x0000000003521000-memory.dmp

          Filesize

          260KB

          Download

        • memory/4812-134-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-185-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/4812-186-0x0000000000400000-0x00000000004BE000-memory.dmp

          Filesize

          760KB

          Download

        • memory/4812-187-0x0000000002500000-0x000000000253F000-memory.dmp

          Filesize

          252KB

          Download