Overview

overview

8

Static

static

66222fa061...74.exe

windows7-x64

8

66222fa061...74.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    237s
  • max time network
    344s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 19:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66222fa06152af900d939e4889ec3afd9b4a13b6089ba62fddda4c2e0f25c174.exe

  • Size

    73KB

  • MD5

    5eb1cb0f72c076b517fc80523efb7fe0

  • SHA1

    392d1532a8b228784fab0340e3f8afb20ea14e7e

  • SHA256

    66222fa06152af900d939e4889ec3afd9b4a13b6089ba62fddda4c2e0f25c174

  • SHA512

    fb2b6be0f754f0b881c33a5b37c785ea5d2b20f51d7840fcbb61d4166037804b008f346bed036812f4588aee483c7dbc0408c06bbbcf449496b4435c04ae44fe

  • SSDEEP

    768:2OqYhhncSR7NWfZFfaLWO169V5VvHZ3m11ahpXl5TKgC10LscDf741lL:2Cfcmc/iL116JFHZLx5TKV0LsO741lL

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66222fa06152af900d939e4889ec3afd9b4a13b6089ba62fddda4c2e0f25c174.exe
    "C:\Users\Admin\AppData\Local\Temp\66222fa06152af900d939e4889ec3afd9b4a13b6089ba62fddda4c2e0f25c174.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/544-54-0x00000000759F1000-0x00000000759F3000-memory.dmp
    Filesize

    8KB

    Download
  • memory/544-55-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download
  • memory/544-56-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download