Analysis
-
max time kernel
151s -
max time network
163s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 15:44
General
-
Target
8122f51f1f4b82f9e7bf0998d68d1ee49f80c018167b944453c7de35a8beaac3.exe
-
Size
5.3MB
-
MD5
8e77dbb8a644b5fc2f46dcdeb44d5757
-
SHA1
6ad3c1e716446a0e5216e113eeb75192af887379
-
SHA256
8122f51f1f4b82f9e7bf0998d68d1ee49f80c018167b944453c7de35a8beaac3
-
SHA512
23fd2b745bd18ac78130609ca55182dd3c2dafc3ef551c7813293a8d7bff01777f6f3acd4a166109221d24397efd2efd110eb051410e606b0200fd245ddde9af
-
SSDEEP
98304:SBBMjPL/xvPo3Dr1DOiCGy7NLr3Bt0zKaTUZ:JjPL/dg3Dr1DOipsRRWmiUZ
Score
8/10
Malware Config
Signatures
-
UPX packed file 25 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
-
Enumerates system info in registry 2 TTPs 2 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\8122f51f1f4b82f9e7bf0998d68d1ee49f80c018167b944453c7de35a8beaac3.exe"C:\Users\Admin\AppData\Local\Temp\8122f51f1f4b82f9e7bf0998d68d1ee49f80c018167b944453c7de35a8beaac3.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1352-54-0x0000000075F51000-0x0000000075F53000-memory.dmpFilesize
8KB
-
memory/1352-55-0x0000000000400000-0x0000000000951000-memory.dmpFilesize
5.3MB
-
memory/1352-56-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-57-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-58-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-62-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-60-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-66-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-64-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-68-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-70-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-72-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-74-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-76-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-78-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-80-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-82-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-86-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-84-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-88-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-90-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-94-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-92-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-96-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-98-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-99-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-100-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1352-101-0x0000000000400000-0x0000000000951000-memory.dmpFilesize
5.3MB