Analysis

  • max time kernel
    30s
  • max time network
    73s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28/10/2022, 23:16

General

  • Target

    8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba.exe

  • Size

    19KB

  • MD5

    0d152a0ce06ce7a3526726c7a90e0140

  • SHA1

    b3d8800e2b80ebb6bdbf3fb3a7f03ede94f84057

  • SHA256

    8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba

  • SHA512

    3682dca338c1f5382b16c2851efaadf2b7f932b9f009c79c26e324f06988faf350edf61651b0f9c952258b652b6431200144c142e05ad2774b83df68b0d75ef9

  • SSDEEP

    384:FLxuSvUFXjxprGAqDOBlWgkVW6VZp13M5Bp2VQWtIHOEv/zt/SBTOaN:FLxuSejbrRqqBlTYtWWVQTumpM5

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file (4 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.
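To reproduce the indicator behind this signature on a file outside the sandbox, the following added example (not the sandbox's own detection logic) walks the PE section table with only the standard library and reports the section names the stock UPX stub writes (UPX0, UPX1, ...) plus the `UPX!` packheader marker. The `build_stub_pe` helper is a constructed, header-only PE used so the check runs offline; on a real sample pass `open(path, "rb").read()` to `upx_indicators`. The signature text also covers "modified UPX" builds, which commonly rename the sections, so an empty result from this heuristic does not prove a file is unpacked.

```python
import struct

# Section names the stock UPX stub writes into a packed PE. A modified UPX build
# may rename them, so their absence does not prove the file is unpacked.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the raw 8-byte section names with trailing NULs stripped."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional          # section headers follow the optional header
    names = []
    for i in range(num_sections):
        entry = data[table + i * 40: table + i * 40 + 8]   # IMAGE_SECTION_HEADER is 40 bytes, Name first
        if len(entry) < 8:
            raise ValueError("truncated section table")
        names.append(entry.rstrip(b"\0"))
    return names


def upx_indicators(data: bytes) -> list:
    """Return human-readable UPX indicators found in the image, in order."""
    hits = [f"section {n.decode('ascii', 'replace')}"
            for n in pe_section_names(data) if n in UPX_SECTION_NAMES]
    # Stock UPX leaves a "UPX!" magic in its packheader; its offset depends on
    # the stub version, so scan the whole buffer rather than a fixed position.
    if b"UPX!" in data:
        hits.append("'UPX!' marker")
    return hits


def is_upx_packed(data: bytes) -> bool:
    return bool(upx_indicators(data))


def build_stub_pe(section_names, trailer=b""):
    """Constructed test input: DOS header, PE signature, COFF header, a zeroed
    0xE0-byte PE32 optional header and the section table. Not loadable; it only
    exercises the header walk above."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x102)
    optional = b"\0" * 0xE0
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + optional + table + trailer


if __name__ == "__main__":
    packed = build_stub_pe([b"UPX0", b"UPX1", b".rsrc"], trailer=b"\0UPX!\0")
    clean = build_stub_pe([b".text", b".data", b".rsrc"])
    print("packed:", upx_indicators(packed))
    print("clean :", upx_indicators(clean))
```

A section-name check is cheap enough to run across a whole quarantine directory; a positive result should be followed by unpacking (`upx -d` works only for unmodified stubs) or by dumping the process from memory, as the 64KB memory regions listed at the bottom of this report were.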

Processes

  • C:\Users\Admin\AppData\Local\Temp\8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba.exe
    "C:\Users\Admin\AppData\Local\Temp\8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba.exe"
    depth 1, PID: 1248

      • C:\Windows\SysWOW64\cmd.exe
        "C:\Windows\system32\cmd.exe" /c del C:\Users\Admin\AppData\Local\Temp\8E6027~1.EXE > nul
        depth 2 (child of PID 1248), PID: 1332

  • C:\Windows\ogwegk.exe
    C:\Windows\ogwegk.exe
    depth 1, PID: 3208
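Two details of this tree are worth reading off before writing detection: the command line names `system32\cmd.exe` but the image that ran is `SysWOW64\cmd.exe`, which is WOW64 file-system redirection for a 32-bit parent (consistent with the arch:x86 tag), and the deletion target is the 8.3 short name `8E6027~1.EXE` of the parent's own image, so a rule that compares only full paths misses it. The 19KB `C:\Windows\ogwegk.exe` dropped below carries exactly the hashes of the submitted sample, i.e. a self-copy. The following added example (my own code, not the sandbox's) runs a self-deletion check and a "binary directly under C:\Windows" check over constructed Sysmon-style process-creation events modelled on this tree; PIDs, paths and command lines are copied from the report, while the parent PIDs of the two top-level processes and the benign control event are assumptions.

```python
import ntpath
import re

# Constructed process-creation events modelled on the tree in this report.
# PIDs, images and command lines are taken from the report; ppid values 5000
# and 5001 for the top-level processes and the "report.tmp" control are assumed.
SAMPLE = r"C:\Users\Admin\AppData\Local\Temp\8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba.exe"
EVENTS = [
    {"pid": 1248, "ppid": 5000, "image": SAMPLE, "cmdline": f'"{SAMPLE}"'},
    {"pid": 1332, "ppid": 1248, "image": r"C:\Windows\SysWOW64\cmd.exe",
     "cmdline": r'"C:\Windows\system32\cmd.exe" /c del C:\Users\Admin\AppData\Local\Temp\8E6027~1.EXE > nul'},
    {"pid": 3208, "ppid": 5001, "image": r"C:\Windows\ogwegk.exe", "cmdline": r"C:\Windows\ogwegk.exe"},
    # benign control: cmd.exe deleting an unrelated temp file in the same directory
    {"pid": 4100, "ppid": 1248, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c del C:\Users\Admin\AppData\Local\Temp\report.tmp"},
]

DEL_RE = re.compile(r'\bdel\b\s+"?([^\s">]+)', re.IGNORECASE)
# 8.3 alias: up to six characters, a tilde and a number, optional 3-char extension
SHORT_RE = re.compile(r"([^~.]{1,6})~\d+(?:\.([^.]{1,3}))?", re.IGNORECASE)


def short_name_matches(short: str, long_name: str) -> bool:
    """True if `short` is a plausible 8.3 alias of `long_name`: the first six
    characters of the long stem (spaces and dots dropped, case-folded), then
    ~N, then up to three characters of the extension."""
    m = SHORT_RE.fullmatch(short)
    if not m:
        return False
    stem, ext = ntpath.splitext(long_name)
    stem = re.sub(r"[ .]", "", stem).upper()
    if not stem.startswith(m.group(1).upper()):
        return False
    return m.group(2) is None or ext.lstrip(".").upper()[:3] == m.group(2).upper()


def find_self_deletion(events):
    """Return (parent_pid, cmd_pid, deleted_path) for each cmd.exe that is told
    to delete its parent's own image, whether by long or by 8.3 short name."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if ntpath.basename(e["image"]).lower() != "cmd.exe":
            continue
        m = DEL_RE.search(e["cmdline"])
        parent = by_pid.get(e["ppid"])
        if not m or parent is None:
            continue
        target = m.group(1)
        # the short name only aliases a file in the same directory
        if ntpath.dirname(target).lower() != ntpath.dirname(parent["image"]).lower():
            continue
        tbase, pbase = ntpath.basename(target), ntpath.basename(parent["image"])
        if tbase.lower() == pbase.lower() or short_name_matches(tbase, pbase):
            hits.append((parent["pid"], e["pid"], target))
    return hits


def find_windows_root_executables(events):
    """Return PIDs whose image sits directly in C:\\Windows (not a subfolder),
    where this sample drops its copy. Legitimate binaries live there too
    (explorer.exe, notepad.exe, ...), so pair this with an allowlist."""
    return [e["pid"] for e in events
            if ntpath.dirname(e["image"]).lower() == r"c:\windows"]


if __name__ == "__main__":
    print("self-deletion:", find_self_deletion(EVENTS))
    print("executables in Windows root:", find_windows_root_executables(EVENTS))
```

The parent/child join is done on PIDs from the same event stream; in a real pipeline use the process GUIDs Sysmon provides, since PIDs are reused after a process exits, and the deleting cmd.exe here outlives its parent by design.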

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Windows\SysWOW64\hra33.dll

    Filesize

    9KB

    MD5

    5c7b07f4378446d2cb76974604edcb36

    SHA1

    4cfb550eaf1f2241019c61a4810b4a2126787da7

    SHA256

    59f6b5dabbd01b5eabdf483aed74612b37d1edbe5796695a6bfe0dacdad21b34

    SHA512

    acdda5c4690b2d532c646b1bdb2bee18a181f0b347e0047723c394d261dc6b8073881b60a25c07e4c67bb771dcf3dcd04f39d6512ed43b8f796cae914d1d205e

  • C:\Windows\ogwegk.exe

    Filesize

    19KB

    MD5

    0d152a0ce06ce7a3526726c7a90e0140

    SHA1

    b3d8800e2b80ebb6bdbf3fb3a7f03ede94f84057

    SHA256

    8e6027053c6bdda2effa47b1c6752e51a88a4ab506094240a348305b9305b8ba

    SHA512

    3682dca338c1f5382b16c2851efaadf2b7f932b9f009c79c26e324f06988faf350edf61651b0f9c952258b652b6431200144c142e05ad2774b83df68b0d75ef9

  • C:\Windows\ogwegk.exe

    Filesize

    9KB

    MD5

    ed5e0fd047f3f5a66e7b9b122a6f8f45

    SHA1

    f071bd7623ce21b2abcabaa5762619d3a2908dc2

    SHA256

    0b30bb4c3df87a8a0fa8919ceb53e8e8e084a3c5001a010c7ad25af5083b72b2

    SHA512

    ff0f06134bca5cbdafc5f1809bd347ad845840c0c261a8aaf7ade62f59aba9c24ad9100cb119c02718fda53994d8276245ab635b44bbc32d32a4addbeab24e46

  • memory/1248-132-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB

  • memory/3208-136-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB