Analysis

  • max time kernel
    90s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/12/2022, 19:05

General

  • Target

    fe4485deca04502a726b47f499e157701436001bb857d098a12985951b7a49de.exe

  • Size

    75KB

  • MD5

    72c0ccb3a673ff88ff082c67a88449b2

  • SHA1

    6786d4a56f4ce64fd1ec2b9e479695a0e714a2e7

  • SHA256

    fe4485deca04502a726b47f499e157701436001bb857d098a12985951b7a49de

  • SHA512

    f0233b2e8a7d7c91e70040e130f5f7e5258cd7bef879c41510aa7c3e3f67d6f281a2da1ec3b2196a31d1a4524c97edf169f659f5f81cfc5679916eba4afe1bbe

  • SSDEEP

    1536:n6ccWrucPPawo6iYqoX7jveXjFB824f60zJD:6TW9PPXo4qQHeTT824R

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fe4485deca04502a726b47f499e157701436001bb857d098a12985951b7a49de.exe
    "C:\Users\Admin\AppData\Local\Temp\fe4485deca04502a726b47f499e157701436001bb857d098a12985951b7a49de.exe"
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:4444

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/4444-132-0x0000000000400000-0x0000000000421000-memory.dmp

          Filesize

          132KB

        • memory/4444-135-0x0000000000400000-0x0000000000421000-memory.dmp

          Filesize

          132KB