Overview

overview

8

Static

static

1e375a5023...7b.exe

windows7-x64

8

1e375a5023...7b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    56s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 07:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1e375a5023cc8156ed5d05e111c95a7a130fe286321928b2828176abae02ad7b.exe

  • Size

    1.6MB

  • MD5

    155b8309df7d1e0c6435a0039a544ab5

  • SHA1

    7359cc0c599e65793a266a78c7c9c21b56e6def4

  • SHA256

    1e375a5023cc8156ed5d05e111c95a7a130fe286321928b2828176abae02ad7b

  • SHA512

    eae82f2647b85dad0ef994a4e7521817b59c5a765b5d1435b29b372cca5955a3650cbab9559b25805a7cca4eb61a26872cff4c49f87119ccc8010918a6b75663

  • SSDEEP

    24576:FXyt0BfW3UPaJoqYtf5CedA6fZDyax+oL7bL25+GGi:FeWtfseV8SZL7uCi

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 26 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 11 IoCs
    adwarespyware
  • Modifies system certificate store 2 TTPs 2 IoCs
    evasionspywaretrojan
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e375a5023cc8156ed5d05e111c95a7a130fe286321928b2828176abae02ad7b.exe
    "C:\Users\Admin\AppData\Local\Temp\1e375a5023cc8156ed5d05e111c95a7a130fe286321928b2828176abae02ad7b.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies system certificate store
    • Suspicious use of SetWindowsHookEx
    PID:2020

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2020-54-0x0000000075451000-0x0000000075453000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2020-55-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-57-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-58-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-59-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-60-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-62-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-64-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-66-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-68-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-70-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-72-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-74-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-76-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-78-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-80-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-82-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-86-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-84-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-88-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-96-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-100-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-98-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-94-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-92-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-90-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2020-101-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download