293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939

General

Target

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
Size

696KB
MD5

5f6eba570cba97f029cbffa259437960
SHA1

e6596fb2a15f962410f1b9d4f65779623d5e6190
SHA256

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939
SHA512

2ce5ad7dfd901a53ada8a829e024a6817b8d90d03f397bb9a2bdcdb630d686f8b6984092697412a54daeea022aebd4711c571e1485d2659ad3cdb0ff17d81feb
SSDEEP

12288:bzLX0M9RE1OASx7C9hxM8+8JMR5nWFpPoSQ:bre1OBx7C9jM8+8Rb+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 24 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral1/memory/1388-55-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-56-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-57-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-59-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-61-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-63-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-65-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-67-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-69-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-71-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-73-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-75-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-77-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-79-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-81-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-83-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-85-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-87-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-89-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-95-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-97-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-93-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-91-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/1388-98-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe

pid	process
1388	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
1388	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
1388	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe

C:\Users\Admin\AppData\Local\Temp\293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
"C:\Users\Admin\AppData\Local\Temp\293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1388

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1388-54-0x00000000763F1000-0x00000000763F3000-memory.dmp

Filesize
8KB

Download
memory/1388-55-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-56-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-57-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-59-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-61-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-63-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-65-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-67-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-69-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-71-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-73-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-75-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-77-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-79-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-81-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-83-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-85-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-87-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-89-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-95-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-97-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-93-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-91-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1388-98-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing