611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1

Analysis

max time kernel
91s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
25/10/2022, 19:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe
Size

1.0MB
MD5

3de6d349654ae5a0f7d2c3e5efe10524
SHA1

394ac243d447e390dcebf32a9cbc0b3280d952bc
SHA256

611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1
SHA512

7c57bffd7a93390c7211f4a9fc755e01160a525b11029861313c9e632922fccd41cab8168c54db268935a688f440d5f378d522bc99f248e8d12e19d19313c167
SSDEEP

24576:YoZpq4RWh/YDshWJFmGHXaRloHgD0bXSe8F:YSRZFmZE80/+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 23 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1848-132-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-133-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-134-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-136-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-138-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-140-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-142-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-144-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-146-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-148-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-150-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-152-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-154-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-156-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-158-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-160-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-162-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-164-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-166-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-168-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-170-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-172-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx
behavioral2/memory/1848-174-0x0000000000BC0000-0x0000000000BFE000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1848	611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe
1848	611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe
1848	611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe

C:\Users\Admin\AppData\Local\Temp\611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe
"C:\Users\Admin\AppData\Local\Temp\611d8ab0c9eadbf0819670c7c2d18975080ef5970b22703dc1cb4af6c667a3d1.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1848-132-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-133-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-134-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-136-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-138-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-140-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-142-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-144-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-146-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-148-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-150-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-152-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-154-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-156-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-158-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-160-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-162-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-164-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-166-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-168-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-170-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-172-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-174-0x0000000000BC0000-0x0000000000BFE000-memory.dmp

Filesize
248KB

Download
memory/1848-175-0x0000000000B00000-0x0000000000D81000-memory.dmp

Filesize
2.5MB

Download
memory/1848-176-0x0000000000B00000-0x0000000000D81000-memory.dmp

Filesize
2.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads