Analysis

  • max time kernel
    127s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/10/2022, 09:16 UTC

General

  • Target

    068192af506e0d6956524c8f5dd4e686c7dec2bb8ed53c5998ea0aab162d7909.exe

  • Size

    59KB

  • MD5

    a29b0b50f6b65ed106c4409149f3caf5

  • SHA1

    9a2e8051c8a9392bc6641b0630d373ef3bc8c9e5

  • SHA256

    068192af506e0d6956524c8f5dd4e686c7dec2bb8ed53c5998ea0aab162d7909

  • SHA512

    50acc14521e3781ae5cf965fdf2abe09a8612376440e75f64e4637d1af3c67c87ed7eab62e4a2534485615115be538a0b9a24a375b3d659aa9c0f9c27389bfbb

  • SSDEEP

    1536:KHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6k2L5baDM:KHoLde/OgV432UcP39hvF+4

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\068192af506e0d6956524c8f5dd4e686c7dec2bb8ed53c5998ea0aab162d7909.exe
    "C:\Users\Admin\AppData\Local\Temp\068192af506e0d6956524c8f5dd4e686c7dec2bb8ed53c5998ea0aab162d7909.exe"
    1⤵
    • Drops file in Windows directory
    PID:4888

Network

  • flag-us
    DNS
    15.89.54.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    15.89.54.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    226.101.242.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    226.101.242.52.in-addr.arpa
    IN PTR
    Response
  • 52.109.13.64:443
    40 B
    1
  • 93.184.220.29:80
    322 B
    7
  • 93.184.220.29:80
    322 B
    7
  • 104.80.225.205:443
    322 B
    7
  • 52.242.97.97:443
    260 B
    5
  • 104.110.191.140:80
    322 B
    7
  • 104.110.191.140:80
    322 B
    7
  • 8.8.8.8:53
    15.89.54.20.in-addr.arpa
    dns
    70 B
    156 B
    1
    1

    DNS Request

    15.89.54.20.in-addr.arpa

  • 8.8.8.8:53
    226.101.242.52.in-addr.arpa
    dns
    73 B
    147 B
    1
    1

    DNS Request

    226.101.242.52.in-addr.arpa

MITRE ATT&CK Matrix

Downloads

  • memory/4888-132-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

  • memory/4888-133-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB