Analysis

  • max time kernel
    6s
  • max time network
    10s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/10/2022, 07:09

General

  • Target

    93d8b1e858682a3c8101bd8e6d4376da314fab05b0fe076028ebb30eb2905bca.exe

  • Size

    726KB

  • MD5

    7271f686efdad2e30380ecabc2d73e10

  • SHA1

    3278009ca3fa9dcfbe5310424ebfbe9ad5b828ef

  • SHA256

    93d8b1e858682a3c8101bd8e6d4376da314fab05b0fe076028ebb30eb2905bca

  • SHA512

    45d51cf1c43a0fcc124998ed4ebc0d27a4c39defd1d0cbcedd32c71eb98b3a20f8c590086f29a77ed0a3075ab9b3cf2d3edb81bd9699462950a1c4932ee043a4

  • SSDEEP

    12288:WS0yaHQXxcOlrxbQ0VGrcJ98F6/gvI+LeDFkUMmJj4h/xQp6+tqOYy9zo08:oxwBcOZx1/PqNUMiE0ltYYoP

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 7 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\93d8b1e858682a3c8101bd8e6d4376da314fab05b0fe076028ebb30eb2905bca.exe
    "C:\Users\Admin\AppData\Local\Temp\93d8b1e858682a3c8101bd8e6d4376da314fab05b0fe076028ebb30eb2905bca.exe"
    1⤵
    • Checks BIOS information in registry
    • Checks processor information in registry
    • Enumerates system info in registry
    PID:2640

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2640-132-0x000000003F9C0000-0x000000003F9D1000-memory.dmp

          Filesize

          68KB

        • memory/2640-133-0x0000000000400000-0x0000000001400000-memory.dmp

          Filesize

          16.0MB