Analysis
-
max time kernel
141s -
max time network
147s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
25-11-2022 23:32
General
-
Target
ᰮƽIPȡ [߳X800] Byݱ缼.exe
-
Size
880KB
-
MD5
605015b590163b7eb952c9496ae620a1
-
SHA1
b03e97bd40770fe1399968ea1831bddf295b475a
-
SHA256
f4145c0487e68260c3a67d0c4980eddecc15357d4dd40b8aff943896a90e9b51
-
SHA512
54a220e2532e4a1128193b5eee9469e2cffb416c1c34f0ed3c2749565993a07795ab038c83a9abfd1638ea940211087d4c97a4363fc32589d4761306765276ed
-
SSDEEP
24576:FjfFtFpZ4p4SKgeEBPP7Kci4q8NyYSD+PoeR6rcJYZc6kJf:FT1pZ44SreE5z3S8nye8rc8F
Score
8/10
Malware Config
Signatures
-
UPX packed file 24 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
VMProtect packed file 3 IoCs
Detects executables packed with VMProtect commercial packer.
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\ᰮƽIPȡ [߳X800] Byݱ缼.exe"C:\Users\Admin\AppData\Local\Temp\ᰮƽIPȡ [߳X800] Byݱ缼.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1456-54-0x0000000075B51000-0x0000000075B53000-memory.dmpFilesize
8KB
-
memory/1456-55-0x0000000000400000-0x0000000000635000-memory.dmpFilesize
2.2MB
-
memory/1456-58-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-59-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-62-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-60-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-66-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-64-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-68-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-70-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-72-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-74-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-76-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-78-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-84-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-92-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-100-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-98-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-96-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-94-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-90-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-88-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-86-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-82-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-80-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-101-0x0000000000400000-0x0000000000635000-memory.dmpFilesize
2.2MB
-
memory/1456-102-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1456-103-0x0000000000400000-0x0000000000635000-memory.dmpFilesize
2.2MB