Analysis
-
max time kernel
150s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
09-06-2023 19:42
General
-
Target
b0be08afdfdc09bfa16082b93f264e661d87d7f04c5c557837b94bad970bfdb5.exe
-
Size
4.8MB
-
MD5
1fd61593246d10b042a733c4db836d19
-
SHA1
55455d757f5be4aba6e2d255044d7196626922e7
-
SHA256
b0be08afdfdc09bfa16082b93f264e661d87d7f04c5c557837b94bad970bfdb5
-
SHA512
46253cbe90696ba24b7c268937a87ed58a276d2e202486ae2783430fb1b1466073341898825448f60cb4d9d5ab8ceea4b8cdf5386c6eb7c82f694e30e93ffa20
-
SSDEEP
98304:10q40tj8/mLQaEW/Nrxf5Yr+CcmXulT20jjCAe6KVBhVU/on8VJzBS+ENFY00Jf:qq4B+LQ2/XfyXcmMFcZXibzGF/0J
Score
7/10
Malware Config
Signatures
-
UPX packed file 24 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b0be08afdfdc09bfa16082b93f264e661d87d7f04c5c557837b94bad970bfdb5.exe"C:\Users\Admin\AppData\Local\Temp\b0be08afdfdc09bfa16082b93f264e661d87d7f04c5c557837b94bad970bfdb5.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1696-54-0x0000000000400000-0x00000000009B1000-memory.dmpFilesize
5.7MB
-
memory/1696-55-0x0000000000400000-0x00000000009B1000-memory.dmpFilesize
5.7MB
-
memory/1696-56-0x0000000000400000-0x00000000009B1000-memory.dmpFilesize
5.7MB
-
memory/1696-63-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-61-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-59-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-58-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-65-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-57-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-67-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-69-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-72-0x0000000000400000-0x00000000009B1000-memory.dmpFilesize
5.7MB
-
memory/1696-77-0x0000000000FE0000-0x0000000001591000-memory.dmpFilesize
5.7MB
-
memory/1696-76-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-74-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-71-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-81-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-83-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-79-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-86-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-88-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-97-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-95-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-93-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-92-0x0000000000FE0000-0x0000000001591000-memory.dmpFilesize
5.7MB
-
memory/1696-90-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-84-0x0000000000FE0000-0x0000000001591000-memory.dmpFilesize
5.7MB
-
memory/1696-101-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-103-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-99-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/1696-104-0x0000000000400000-0x00000000009B1000-memory.dmpFilesize
5.7MB
-
memory/1696-105-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB