Analysis
max time kernel: 135s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20230221-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230221-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-06-2023 18:09
Behavioral task: behavioral1
Sample: UpData.exe
Resource: win7-20230220-en
2 signatures, 150 seconds
Behavioral task: behavioral2
Sample: UpData.exe
Resource: win10v2004-20230221-en
2 signatures, 150 seconds
General
Target: UpData.exe
Size: 1.6MB
MD5: ebe2550c9bb63717287947bff8290abc
SHA1: 19fe7e549427f2296d73586cac3210bda8ee4c9a
SHA256: 0e803a99308bf32675d3a8b3c492cc3e7c2324d0df0baeb91441a3f911ba96af
SHA512: a5e6f8c394e6b8c0db9e8d14b27f76ead86c6a1b4881fb41fa6cc176bc1077497c159e5bca2ff46ac91dfa8dcc5dcbd3eb7a4f4f21b23c0b1d1b575246ffc6bd
SSDEEP: 49152:M8kyWnq91p9YlNPkMFQX2c29icQue9FU:nwSXg/0D4QxFU
Score: 3/10
Malware Config
Signatures
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes: UpData.exe
  pid   process
  2140  UpData.exe
  2140  UpData.exe
Downloads
- memory/2140-133-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-135-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-136-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-137-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-138-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-139-0x00000000029E0000-0x00000000029E1000-memory.dmp (Filesize: 4KB)
- memory/2140-140-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)
- memory/2140-141-0x0000000000400000-0x00000000008EF000-memory.dmp (Filesize: 4.9MB)