Analysis

  • max time kernel
    321s
  • max time network
    395s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05-12-2022 16:01

General

  • Target

    08017efe194c5637fd8c2133741553c7761043cf20e3c419f94e9bb0bf38c3d1.exe

  • Size

    572KB

  • MD5

    533ad4a2bd2559f164337fecc0457470

  • SHA1

    c1644b04c11e561607ea0341352883fc82048a10

  • SHA256

    08017efe194c5637fd8c2133741553c7761043cf20e3c419f94e9bb0bf38c3d1

  • SHA512

    9010554c88bbff6d2aa8374d8a815da10dd54c0a3b04f63aecb6597cde7b12bc03e0e765f0f364f7d5d7fb903f34d6d7fe9149dedfb113a811c0272594eba832

  • SSDEEP

    12288:ZVIo11VaS+ymjrN6IaHc8qf5iNuZx11GfbDx85Z49/MAzfQKObJ3Vv:ZVpVaSxOwHhFNup1GfbDx85ZCUEkJ39

Score
8/10

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 2 IoCs

    SCSI information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\08017efe194c5637fd8c2133741553c7761043cf20e3c419f94e9bb0bf38c3d1.exe
    "C:\Users\Admin\AppData\Local\Temp\08017efe194c5637fd8c2133741553c7761043cf20e3c419f94e9bb0bf38c3d1.exe"
    • Adds Run key to start application
    • Checks SCSI registry key(s)
    PID:4264

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/4264-132-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

  • memory/4264-133-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB