Analysis

  • max time kernel
    40s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/10/2022, 20:00

General

  • Target

    1e970c1f84d654be7db84613707d5443505859d79ed4229d0a5981be61b4504b.exe

  • Size

    66KB

  • MD5

    5c9fd3eb6f01f18097ba504caf032a1d

  • SHA1

    b6d77bdec42a574b8aabd88e41b1c75bf2db0c72

  • SHA256

    1e970c1f84d654be7db84613707d5443505859d79ed4229d0a5981be61b4504b

  • SHA512

    f0ef7deb3f730fbe1bb369c1d327ef4d30bf87a22d16fab35968784751876f1a64fc0adaf5501acd64a1fa2c5e69cd45f0697106f76a142ab546c7b856f45903

  • SSDEEP

    1536:MHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVt/2YRmA7f:MHoLde/OgV432UcP39hXJZn/UEf

Score
8/10

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs

    The AppInit_DLLs value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows (and under Wow6432Node for 32-bit processes on x64, which matters here since the image is tagged both arch:x64 and arch:x86) names DLLs that user32.dll loads into every process that links it, gated by LoadAppInit_DLLs. Writing it is a persistence technique. The DLL path the sample wrote is not listed in this report excerpt; check both registry views when triaging.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX or a modified build of the UPX open-source packer.

  • Drops file in System32 directory 2 IoCs
  • Drops file in Windows directory 1 IoCs
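The UPX signature above and the 164KB in-memory image versus the 66KB file on disk are the two observations a triager can reproduce by hand. The script below is an added example, not part of the sandbox report or its detection engine: it parses a PE section table, applies three UPX heuristics (UPX-named sections, an empty section reserved as the unpack target, a high-entropy packed section) and computes the image-to-disk growth ratio from the report's numbers. The PE bytes it analyses are constructed in the script and are not the sample; the function names and the 7.0 entropy threshold are this example's own choices.

```python
import math
import random
import struct


def build_fake_pe(sections):
    """Constructed test input: a minimal PE image with only the headers the
    checks below read. sections = [(name_bytes, virtual_size, raw_bytes), ...]."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # COFF header: Machine=i386, NumberOfSections, no optional header
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 0, 0)
    raw_ptr = e_lfanew + len(coff) + 40 * len(sections)  # raw data follows the table
    vaddr, table, body = 0x1000, b"", b""
    for name, vsize, raw in sections:
        table += struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, len(raw),
                             raw_ptr if raw else 0, 0, 0, 0, 0, 0)
        body += raw
        raw_ptr += len(raw)
        vaddr += max(vsize, len(raw), 0x1000)
    return dos + coff + table + body


def pe_sections(data):
    """Walk the section table of a PE image and return one dict per section."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size
    out = []
    for i in range(num_sections):
        name, vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        out.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                    "virtual_size": vsize, "virtual_address": vaddr,
                    "raw_size": raw_size, "raw_ptr": raw_ptr})
    return out


def shannon_entropy(buf):
    """Bits per byte; compressed or encrypted data sits near 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data, entropy_threshold=7.0):
    """Return human-readable reasons the image looks UPX-packed (empty list if none)."""
    hits = []
    for s in pe_sections(data):
        if s["name"].upper().startswith("UPX"):
            hits.append(f"section named {s['name']!r}")
        if s["raw_size"] == 0 and s["virtual_size"] > 0:
            # UPX0: nothing on disk, but room reserved for the decompressed code
            hits.append(f"{s['name']!r} has no raw data but {s['virtual_size']:#x} bytes virtual (unpack target)")
        body = data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]
        if len(body) >= 256 and shannon_entropy(body) > entropy_threshold:
            hits.append(f"{s['name']!r} entropy {shannon_entropy(body):.2f} (compressed payload)")
    return hits


def image_to_disk_ratio(region_start, region_end, disk_size):
    """How much larger the mapped module is than the file it came from."""
    return (region_end - region_start) / disk_size


# Constructed samples (not the reported binary): a UPX-style layout and a plain one.
_rng = random.Random(1)
PACKED_PE = build_fake_pe([
    (b"UPX0", 0x10000, b""),
    (b"UPX1", 0x4000, bytes(_rng.getrandbits(8) for _ in range(4096))),
])
CLEAN_PE = build_fake_pe([
    (b".text", 0x1000, b"\x90" * 4096),
    (b".data", 0x1000, b"\0" * 512),
])

if __name__ == "__main__":
    for label, img in (("packed", PACKED_PE), ("clean", CLEAN_PE)):
        print(label, upx_indicators(img) or "no packer indicators")
    # Report values: main module mapped at 0x400000-0x429000, 66KB on disk
    print("image/disk ratio:", round(image_to_disk_ratio(0x400000, 0x429000, 66 * 1024), 2))
```

On a real file call `upx_indicators(open(path, "rb").read())`. The section-name check alone is weak, since a modified UPX build can rename UPX0/UPX1; the empty unpack-target section and the entropy of the packed section survive renaming, which is why the report's own signature text mentions "modified UPX" and why a ratio of roughly 2.5x between mapped image and disk file is a better tell than the string "UPX".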

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e970c1f84d654be7db84613707d5443505859d79ed4229d0a5981be61b4504b.exe
    "C:\Users\Admin\AppData\Local\Temp\1e970c1f84d654be7db84613707d5443505859d79ed4229d0a5981be61b4504b.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    PID:1112

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/1112-54-0x0000000000400000-0x0000000000429000-memory.dmp

    Filesize 164KB (0x29000 bytes; the main module's image once mapped)

  • memory/1112-55-0x0000000000220000-0x0000000000224000-memory.dmp

    Filesize 16KB

    The image mapped at 0x400000 is 164KB against a 66KB file on disk, the growth expected when the UPX stub decompresses the original sections in place. Strings, imports and the AppInit DLL path should be recovered from the first dump rather than from the packed file.