Analysis

  • max time kernel
    188s
  • max time network
    194s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/10/2022, 18:38

General

  • Target

    eeeecd24235892a8bae264b9a66880af1a2612699415b1b8e60fd989398ffb7c.exe

  • Size

    34KB

  • MD5

    82305ca49d9021871460686ddc776df0

  • SHA1

    5d625079c31e47727bc23de21c3c2fbac9658d6f

  • SHA256

    eeeecd24235892a8bae264b9a66880af1a2612699415b1b8e60fd989398ffb7c

  • SHA512

    4916126d073d21e0360c6d86a52531de5b25f70322b5d7f9e75f0723f549ff2a3ccd19e1d25ca62cd746924d733fd4f097810c04e65c200693f2092126356fb8

  • SSDEEP

    768:374ZALDwjfDoHQZDP/5IrTvBFwgqkHzFeO4:374Kwjf8wRXm1fHzF

Score
8/10

Malware Config

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application (2 TTPs, 1 IoC)
  • Modifies system certificate store (2 TTPs, 5 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\eeeecd24235892a8bae264b9a66880af1a2612699415b1b8e60fd989398ffb7c.exe
    "C:\Users\Admin\AppData\Local\Temp\eeeecd24235892a8bae264b9a66880af1a2612699415b1b8e60fd989398ffb7c.exe"
    • Adds Run key to start application
    • Modifies system certificate store
    PID:5028

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/5028-132-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

  • memory/5028-133-0x0000000005000000-0x0000000005010000-memory.dmp

    Filesize

    64KB

  • memory/5028-134-0x0000000004000000-0x000000000400E000-memory.dmp

    Filesize

    56KB

  • memory/5028-135-0x0000000004000000-0x000000000400E000-memory.dmp

    Filesize

    56KB

  • memory/5028-136-0x0000000000600000-0x0000000000606000-memory.dmp

    Filesize

    24KB