Analysis

  • max time kernel
    134s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/11/2022, 21:19

General

  • Target

    ae1379584a7eb735d78533e6008ebac51287c9da28a480651efeeba6cf4fed7c.exe

  • Size

    998KB

  • MD5

    7bdc040577c6f64b54dfafebecc2fcf4

  • SHA1

    2a3290fd03cf398f8609d77a16c106ec87bbe167

  • SHA256

    ae1379584a7eb735d78533e6008ebac51287c9da28a480651efeeba6cf4fed7c

  • SHA512

    dcbb34d741dd98a81c7baa2e0879a6b284ac7220e40ac8d8b64f59296a441866867b5a8ba36aee3bb7c431f9cfbbcb1041a51f96f722025e19154f702ef0b516

  • SSDEEP

    24576:4UKvo//9J95JVXXg7lhtDYftunqrVwLj:4Uj//9JOK1unGVmj

Score
8/10

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application 2 TTPs 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ae1379584a7eb735d78533e6008ebac51287c9da28a480651efeeba6cf4fed7c.exe
    "C:\Users\Admin\AppData\Local\Temp\ae1379584a7eb735d78533e6008ebac51287c9da28a480651efeeba6cf4fed7c.exe"
    • Adds Run key to start application
    PID:852

Network

        MITRE ATT&CK Enterprise v6

        Downloads

        • memory/852-54-0x0000000074DA1000-0x0000000074DA3000-memory.dmp

          Filesize

          8KB

        • memory/852-55-0x0000000002B60000-0x0000000003B60000-memory.dmp

          Filesize

          16.0MB

        • memory/852-56-0x0000000002B60000-0x0000000003B60000-memory.dmp

          Filesize

          16.0MB

        • memory/852-57-0x0000000000400000-0x00000000004FF000-memory.dmp

          Filesize

          1020KB

        • memory/852-58-0x0000000000400000-0x00000000004FF000-memory.dmp

          Filesize

          1020KB