Analysis

  • max time kernel
    328s
  • max time network
    402s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/12/2022, 05:11

General

  • Target

    b3d09152fdb4dce759f3d44282ca958782a30423137c97825750a9702175d5af.exe

  • Size

    227KB

  • MD5

    4408d149feec268334cf878960468334

  • SHA1

    5127089c4bf3378151f73db0addac51ff244c200

  • SHA256

    b3d09152fdb4dce759f3d44282ca958782a30423137c97825750a9702175d5af

  • SHA512

    c132307a2b01d6ec5ed45319a7679110f531235483875c05741e85b6355b8961830221b8aa7add3c113c0f6169050cb269acc42a7e8da8187e29e693daab5475

  • SSDEEP

    3072:obQi390ezV3Q7RcaDryukKLeC1TkGNmCjxqX/fI/x0s29ygBqQkmDRK:oR39JsXryukHCRXmCjxqX3LZBOE

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b3d09152fdb4dce759f3d44282ca958782a30423137c97825750a9702175d5af.exe
    "C:\Users\Admin\AppData\Local\Temp\b3d09152fdb4dce759f3d44282ca958782a30423137c97825750a9702175d5af.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2492

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2492-132-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

  • memory/2492-133-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB