Analysis

  • max time kernel
    176s
  • max time network
    198s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 09:49

General

  • Target

    b5372ee1d63f8381c267024742424c9a107db7bcfeb9225c6855df8e6b95d50e.exe

  • Size

    73KB

  • MD5

    eecb67670f21b27b4a4f75651d2774cc

  • SHA1

    b4b7f1d0f87fdf74e05c71facf095d0ccc22a726

  • SHA256

    b5372ee1d63f8381c267024742424c9a107db7bcfeb9225c6855df8e6b95d50e

  • SHA512

    f30f75577a84dcaa4a1780832e06be03f39a6852a89f2475016cbfb03fa58d3043c00bfb2c3316336f8ff9d9af9e5e9cf5c4263f97a3a3e4079a1e4407c84e1c

  • SSDEEP

    1536:V8XuhtuByoNPzykxidXg0Xhj7r7RobKhRLLjNj:VVsbNP+kMdQ01378KhRXZ

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Windows directory 64 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b5372ee1d63f8381c267024742424c9a107db7bcfeb9225c6855df8e6b95d50e.exe
    "C:\Users\Admin\AppData\Local\Temp\b5372ee1d63f8381c267024742424c9a107db7bcfeb9225c6855df8e6b95d50e.exe"
    1⤵
    • Drops file in Windows directory
    PID:2648
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2648 -s 216
      2⤵
      • Program crash
      PID:3664
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 196 -p 2648 -ip 2648
    1⤵
      PID:1028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2648-132-0x0000000000400000-0x0000000000423000-memory.dmp

      Filesize

      140KB

    • memory/2648-133-0x0000000000400000-0x0000000000423000-memory.dmp

      Filesize

      140KB