e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23

Analysis

max time kernel
294s
max time network
357s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
29-11-2022 19:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
Size

4.5MB
MD5

5bc17108151316c630bdd303decfcbbe
SHA1

e349af6b631124efded0bc5cf0afe54b8fcaaabc
SHA256

e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23
SHA512

9bab39b7f5cdcec2cbd80b382c02a571c5ddbd0505cee8d6f225022850602f59d3e34afb6fcf180a2641bbee308587d6e6e3c5a8f715e8a9114686ce405c7a7c
SSDEEP

98304:xYWQttDiH2LMlG4ZbJNn/5WWI4/5/4I7VQXR:xYeH2Cgl4/5QXR

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral2/memory/3912-132-0x0000000010000000-0x0000000010038000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe

pid	process
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
3912	e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe

C:\Users\Admin\AppData\Local\Temp\e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe
"C:\Users\Admin\AppData\Local\Temp\e4e7ca598920797bae102110bf975c2204c59fb4795e42f730a95be111389f23.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3912-132-0x0000000010000000-0x0000000010038000-memory.dmp

Filesize
224KB

Download
memory/3912-138-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-140-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-142-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-144-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-148-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-150-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-146-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-152-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-154-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-156-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-158-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-160-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-166-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-164-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-162-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-168-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-170-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-172-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-174-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-176-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download
memory/3912-178-0x0000000010001000-0x0000000010028000-memory.dmp

Filesize
156KB

Download