Overview

overview

9

Static

static

8

7692d3c8c5...c4.exe

windows7-x64

9

7692d3c8c5...c4.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    153s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/11/2022, 21:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7692d3c8c5bccab51c75a57d325dfb25148ae6a158f85e4f49cb7890192598c4.exe

  • Size

    852KB

  • MD5

    4aca86c35391c51917d43f5e3d37b379

  • SHA1

    b29e94eb1f3715dc75d30fc1385ec049be24e7ea

  • SHA256

    7692d3c8c5bccab51c75a57d325dfb25148ae6a158f85e4f49cb7890192598c4

  • SHA512

    ab068f67fae52fb83876235a0b2041c0c5a9df5af6d28527446795fcc83467f4073e5246953b23aee823d9e3771990966f9f64a8bbd525306afb0a0ad33e1bbe

  • SSDEEP

    24576:gTnRu4N/TtDLizUA67C0FLjJiEGk5oABNwi:wN/TN86+0FLjfGi

Score
9/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7692d3c8c5bccab51c75a57d325dfb25148ae6a158f85e4f49cb7890192598c4.exe
    "C:\Users\Admin\AppData\Local\Temp\7692d3c8c5bccab51c75a57d325dfb25148ae6a158f85e4f49cb7890192598c4.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\qqiA9A2.tmp
    Filesize

    172KB

    MD5

    fe763c2d71419352141c77c310e600d2

    SHA1

    6bb51ebcbde9fe5556a74319b49bea37d5542d5e

    SHA256

    7fdf10ca02d2238e22fda18dfbede9750da9f257221802c8b86c557c19c9bc7b

    SHA512

    147b3a525b1fef98ae46923dcbe25edfcf7b523f347857466eefa88f09ec053ba309dfbee5f1454ec64aba0518ee21986c4b6a506f8550efb1163c8f04d7482c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\qqiA9A2.tmp
    Filesize

    172KB

    MD5

    fe763c2d71419352141c77c310e600d2

    SHA1

    6bb51ebcbde9fe5556a74319b49bea37d5542d5e

    SHA256

    7fdf10ca02d2238e22fda18dfbede9750da9f257221802c8b86c557c19c9bc7b

    SHA512

    147b3a525b1fef98ae46923dcbe25edfcf7b523f347857466eefa88f09ec053ba309dfbee5f1454ec64aba0518ee21986c4b6a506f8550efb1163c8f04d7482c

    Download Submit

  • memory/1496-132-0x0000000000400000-0x0000000000427000-memory.dmp

    Filesize

    156KB

    Download

  • memory/1496-135-0x0000000002210000-0x0000000002283000-memory.dmp

    Filesize

    460KB

    Download

  • memory/1496-136-0x0000000000400000-0x0000000000427000-memory.dmp

    Filesize

    156KB

    Download