Overview

overview

7

Static

static

7

1a680a04d9...35.exe

windows7-x64

1a680a04d9...35.exe

windows10-2004-x64

20a43421be...51.exe

windows7-x64

20a43421be...51.exe

windows10-2004-x64

4ed86fd2ad...c4.exe

windows7-x64

4ed86fd2ad...c4.exe

windows10-2004-x64

5f082f042e...01.exe

windows7-x64

7

5f082f042e...01.exe

windows10-2004-x64

7

73c47e305e...5b.exe

windows7-x64

1

73c47e305e...5b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    296s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    14-02-2023 21:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f082f042e0d49fb9feae2b51f516fdb554bd0804767d771f7c0191c3ca53101.exe

  • Size

    4.9MB

  • MD5

    7cb339c46404dcbf9e8c0066a3c49389

  • SHA1

    1f574a344eac99538e8cdb51e3146b0437e52653

  • SHA256

    5f082f042e0d49fb9feae2b51f516fdb554bd0804767d771f7c0191c3ca53101

  • SHA512

    03745b4b85b0b73dfd10e9ecd0704635f9e8c41d80eab47580b260499e727417905dcd06a46002ad5371bd9aeb2309e30067ebd59bde826806b543f1862ae672

  • SSDEEP

    49152:5fNuZqHmwf1GSq2Mxvm/blTT1xJV9uv08W42RHK2L8Stjg4A5fvbMUzToTu:5fNfHY9vSlTT1xJzuc8W42T8Stjg4Ap

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f082f042e0d49fb9feae2b51f516fdb554bd0804767d771f7c0191c3ca53101.exe
    "C:\Users\Admin\AppData\Local\Temp\5f082f042e0d49fb9feae2b51f516fdb554bd0804767d771f7c0191c3ca53101.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/832-54-0x0000000076BA1000-0x0000000076BA3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/832-55-0x0000000000400000-0x00000000008F2000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/832-56-0x0000000000400000-0x00000000008F2000-memory.dmp

    Filesize

    4.9MB

    Download