Overview

overview

8

Static

static

4540453012...47.exe

windows7-x64

8

4540453012...47.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06-11-2022 09:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    45404530127a0d73df1e7d3bdf1d716c347441ef3114a4b95d490ab81dfbbb47.exe

  • Size

    826KB

  • MD5

    121e3f9b8f06dea01f437f0137ed23b4

  • SHA1

    42f54df86876984d1de5011da370001c2018130d

  • SHA256

    45404530127a0d73df1e7d3bdf1d716c347441ef3114a4b95d490ab81dfbbb47

  • SHA512

    3675ba22bdf123e5c65bdf58d126b3f99ed094a0e4f8a60aac107732a3d28baafd39a823ba9fbccbd2a05f7e995dca8e1dc8d79c48fc9b8d642ddd5bc0053eda

  • SSDEEP

    12288:vzofBKFQCSFIkTiqyXkuC1Gmrf5yF3Ofa6imGF8Y7uOipk0psCGtscJ551r3Zcfw:MMeCGI5qyXfCtcLTF9uLkCGt15pJc2M

Score
8/10
discoverypersistenceupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\45404530127a0d73df1e7d3bdf1d716c347441ef3114a4b95d490ab81dfbbb47.exe
    "C:\Users\Admin\AppData\Local\Temp\45404530127a0d73df1e7d3bdf1d716c347441ef3114a4b95d490ab81dfbbb47.exe"
    1⤵
    • Adds Run key to start application
    PID:108

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/108-54-0x0000000075B41000-0x0000000075B43000-memory.dmp

    Filesize

    8KB

    Download

  • memory/108-55-0x0000000000BC0000-0x0000000000CD0000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/108-56-0x0000000001300000-0x000000000152B000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/108-57-0x0000000001300000-0x000000000152B000-memory.dmp

    Filesize

    2.2MB

    Download