Analysis
-
max time kernel
142s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
30-05-2023 01:17
General
-
Target
bf1413065f642d4c09caaa618c42d34058f0d11349eccd866ef337f7b470f5ab.exe
-
Size
4.8MB
-
MD5
95f43a8d622caa98ebfec5147cd402f9
-
SHA1
9cac0ca7f6a1148b8992e02541ed73b0fd772628
-
SHA256
bf1413065f642d4c09caaa618c42d34058f0d11349eccd866ef337f7b470f5ab
-
SHA512
947c5334c626ed391a32371283d5ae2c7975b288a790448c7ecd48dda1a4df73aa315c892096e294565a426e9c97d11160a4e90060b660da16881db4047e5e62
-
SSDEEP
98304:e/ZCue0t0plgNw75QKsjBm9C4iYlxGQLPZkhdcaiCAjbzvmGgt:e/ZCWtOgNkWK+mQ4iYyYZk33GbLCt
Score
7/10
Malware Config
Signatures
-
UPX packed file 24 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bf1413065f642d4c09caaa618c42d34058f0d11349eccd866ef337f7b470f5ab.exe"C:\Users\Admin\AppData\Local\Temp\bf1413065f642d4c09caaa618c42d34058f0d11349eccd866ef337f7b470f5ab.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1848-54-0x0000000000400000-0x00000000009AD000-memory.dmpFilesize
5.7MB
-
memory/1848-57-0x0000000000400000-0x00000000009AD000-memory.dmpFilesize
5.7MB
-
memory/1848-58-0x00000000012E0000-0x000000000188D000-memory.dmpFilesize
5.7MB
-
memory/1848-56-0x0000000000400000-0x00000000009AD000-memory.dmpFilesize
5.7MB
-
memory/1848-55-0x0000000000400000-0x00000000009AD000-memory.dmpFilesize
5.7MB
-
memory/1848-59-0x00000000012E0000-0x000000000188D000-memory.dmpFilesize
5.7MB
-
memory/1848-60-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-62-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-61-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-64-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-66-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-68-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-70-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-72-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-74-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-76-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-78-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-80-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-82-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-84-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-86-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-88-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-92-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-90-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-94-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-96-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-98-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-100-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-102-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-103-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1848-104-0x0000000000400000-0x00000000009AD000-memory.dmpFilesize
5.7MB
-
memory/1848-116-0x00000000012E0000-0x000000000188D000-memory.dmpFilesize
5.7MB