293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939

Analysis

max time kernel
145s
max time network
185s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 17:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
Size

696KB
MD5

5f6eba570cba97f029cbffa259437960
SHA1

e6596fb2a15f962410f1b9d4f65779623d5e6190
SHA256

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939
SHA512

2ce5ad7dfd901a53ada8a829e024a6817b8d90d03f397bb9a2bdcdb630d686f8b6984092697412a54daeea022aebd4711c571e1485d2659ad3cdb0ff17d81feb
SSDEEP

12288:bzLX0M9RE1OASx7C9hxM8+8JMR5nWFpPoSQ:bre1OBx7C9jM8+8Rb+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 24 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral2/memory/4176-132-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-134-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-133-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-136-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-138-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-140-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-142-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-144-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-146-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-148-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-150-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-156-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-154-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-152-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-158-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-160-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-162-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-164-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-166-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-168-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-170-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-172-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-174-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4176-175-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe

pid	process
4176	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
4176	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
4176	293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe

C:\Users\Admin\AppData\Local\Temp\293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe
"C:\Users\Admin\AppData\Local\Temp\293b0508048ea2d2510bb0df0126f98989d4c72d0c0169272a568f09a5cd9939.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4176-132-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-134-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-133-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-136-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-138-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-140-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-142-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-144-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-146-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-148-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-150-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-156-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-154-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-152-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-158-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-160-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-162-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-164-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-166-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-168-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-170-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-172-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-174-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4176-175-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download