Analysis

  • max time kernel
    93s
  • max time network
    75s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
  • submitted
    27-11-2022 21:14

General

  • Target

    Fotosonline_novinhas_3554509.exe

  • Size

    18KB

  • MD5

    e336ae8bf5f593760e47d8af4b6e1466

  • SHA1

    aef814d2084c6e87a7f0f462e2b9c1abb967fdca

  • SHA256

    5a346accc87e5cf73f51d8203b0e9f649bb760e9cbb6090c9e532eb8dbf5cd18

  • SHA512

    e5e386fb629aff2db1943aa22df2ac70632d35e076f717ea24cf65a7e115e78222c1b1308f7135baf2c06af92705d8769d331c6b08fabd8acb2e110e163e8ead

  • SSDEEP

    384:h2ylPD6M5YnYSQbLx+aegdLUmh2Xu0hwsQfyzYq4kNmy:h5PXfBggdLLUVhbG6Ymm

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Fotosonline_novinhas_3554509.exe
    "C:\Users\Admin\AppData\Local\Temp\Fotosonline_novinhas_3554509.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2016

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2016-54-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

  • memory/2016-57-0x00000000760C1000-0x00000000760C3000-memory.dmp

    Filesize

    8KB

  • memory/2016-58-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB