Overview

overview

8

Static

static

3a0469efba...b2.exe

windows7-x64

8

3a0469efba...b2.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 05:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a0469efba8301511c5c8479c42524e475552f3cf3d637c8617a2f5848e18cb2.exe

  • Size

    963KB

  • MD5

    4ba5d71f9efc66a352d04471c1a4c8ce

  • SHA1

    d755e7137f2149040ced6797bd48aa4a3517566a

  • SHA256

    3a0469efba8301511c5c8479c42524e475552f3cf3d637c8617a2f5848e18cb2

  • SHA512

    ca71459d4cc6d7d432f4ba237e326ecaee35bfd4fdb8108546ebe8d89e5f956c6bea7dfa6999ea7c49c7a7530f3ac686b52e73beebea44a03fe9204f9b8b8a66

  • SSDEEP

    24576:Do9h/uGBZ7BjAzqf4Xn+dWav17ZT+WpCB1rrVKdbkwoGpNDt:DoNZ1jAzDn+drv1V+Wk/kdbiaf

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 26 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a0469efba8301511c5c8479c42524e475552f3cf3d637c8617a2f5848e18cb2.exe
    "C:\Users\Admin\AppData\Local\Temp\3a0469efba8301511c5c8479c42524e475552f3cf3d637c8617a2f5848e18cb2.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1088
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1088 -s 744
      2⤵
      • Program crash
      PID:4088
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 1088 -ip 1088
    1⤵
      PID:4040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1088-132-0x0000000000400000-0x00000000005C3000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/1088-133-0x0000000000690000-0x0000000000693000-memory.dmp

      Filesize

      12KB

      Download

    • memory/1088-134-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-137-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-136-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-139-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-138-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-141-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-143-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-145-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-147-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-149-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-151-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-153-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-155-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-157-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-159-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-161-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-163-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-165-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-167-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-169-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-171-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-173-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-175-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-177-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-179-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1088-180-0x0000000000690000-0x0000000000693000-memory.dmp

      Filesize

      12KB

      Download

    • memory/1088-181-0x0000000000400000-0x00000000005C3000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/1088-182-0x0000000010000000-0x000000001003D000-memory.dmp

      Filesize

      244KB

      Download