Analysis

  • max time kernel
    259s
  • max time network
    342s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-12-2022 20:00

General

  • Target

    a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f.exe

  • Size

    105KB

  • MD5

    aa1900f325a29f773ef143079ba5b906

  • SHA1

    1bc15874df3d426eb338f89ab4bd6e5d07cec7ac

  • SHA256

    a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f

  • SHA512

    d2c1cea29b3506428a8e528946edacf6880799c8e6df137f1782a9de228838dac706d04a9000ffef1f90a231bfc87bc4df79616fb7d36779ca5f84beaf2efb7c

  • SSDEEP

    3072:q5aIsBS5gimW2ghQ2TcKlSjeKyfpiG5PbTE4:o6GhQkxHPH

Score
8/10

Malware Config

Signatures

  • UPX packed file (IoCs: 1)

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application (TTPs: 2, IoCs: 1)
  • Checks for any installed AV software in registry (TTPs: 1, IoCs: 1)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f.exe
    "C:\Users\Admin\AppData\Local\Temp\a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f.exe"
    • Adds Run key to start application
    • Checks for any installed AV software in registry
    PID:320

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/320-54-0x0000000000230000-0x000000000023E000-memory.dmp

    Filesize

    56KB

  • memory/320-56-0x0000000000230000-0x0000000000232000-memory.dmp

    Filesize

    8KB

  • memory/320-55-0x0000000000230000-0x000000000023E000-memory.dmp

    Filesize

    56KB

  • memory/320-57-0x0000000076201000-0x0000000076203000-memory.dmp

    Filesize

    8KB

  • memory/320-58-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB