Analysis
-
max time kernel
17s -
max time network
29s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
30-11-2022 18:38
General
-
Target
1d240132877053fb299aea7dd837e56e89b7445cce62dd6a97715b695da3f4ad.exe
-
Size
1.2MB
-
MD5
5a893d8c55b7dfa124972957aa06afef
-
SHA1
d5ce1ba3984b8116b5ac9e00203d9668fad0665e
-
SHA256
1d240132877053fb299aea7dd837e56e89b7445cce62dd6a97715b695da3f4ad
-
SHA512
d8ccdd39a71f74193b6271cd58498d2b02d6a6c6b8674083d550f68feca5e88f18ab8150f0321f5e23f43bc71b983c7f51e3fc9f2a7ddbdab196062671fd2148
-
SSDEEP
24576:Drl6kD68JmloLQfkI1MD/vLjGCKTXLgnrB1ujLoF8XN9Nc/RUk:Hl328U2kfkcMrjmgnfSnXN92/
Score
8/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
-
Suspicious use of FindShellTrayWindow 3 IoCs
-
Suspicious use of SendNotifyMessage 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1d240132877053fb299aea7dd837e56e89b7445cce62dd6a97715b695da3f4ad.exe"C:\Users\Admin\AppData\Local\Temp\1d240132877053fb299aea7dd837e56e89b7445cce62dd6a97715b695da3f4ad.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/628-54-0x0000000000FF0000-0x000000000128C000-memory.dmpFilesize
2.6MB
-
memory/628-55-0x0000000075C81000-0x0000000075C83000-memory.dmpFilesize
8KB
-
memory/628-56-0x0000000000FF0000-0x000000000128C000-memory.dmpFilesize
2.6MB