Overview

overview

7

Static

static

3

UnPackMe_shield.exe

windows7-x64

7

UnPackMe_shield.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2023 07:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UnPackMe_shield.exe

  • Size

    617KB

  • MD5

    14ddfc3edb10583bec6038ca8fbc1120

  • SHA1

    322c58a709ae5d593e1049012e4ccdcf688771fe

  • SHA256

    8021944e3a8d8aac9b736ed0c5b9dfc0ceae9b435808a192431abef101f6c7aa

  • SHA512

    7f29d492775bae9385648140bc9b08ceca13b889ad2e3b9f3807502baa5eb974abe1035d16f5d334ce584ad4644946e03065599a324f8c065c6f0274565d805f

  • SSDEEP

    12288:U9EXmg9aTKh4Za+jdjaJENYUC3CHCAdShajtjWqgNaPJTivuwfu8Tm7LLt:4EXm18+pHYJCiTE51gNahGvuwfu0m/B

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\UnPackMe_shield.exe
    "C:\Users\Admin\AppData\Local\Temp\UnPackMe_shield.exe"
    1⤵
    • Loads dropped DLL
    PID:1596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\2d8e31c8-9aa5-425d-bcea-77e6a852d2b2.dll
    Filesize

    447KB

    MD5

    aa249c6e24bf386b1023825c1ccdc032

    SHA1

    c5749e0f5d36b90ea50c379ec1be32370da71dfe

    SHA256

    4f7e538c40e0ac757fa651a9c5d096c2a3ee9ad2da7a96dc46bc7ff935820215

    SHA512

    ba760aea41a7292f010d4fe5d3fce233aa85aa47ba89fada6b4bac4f5538b792bad163605dbfec93fd9d349a94dabcd25a622109f3b8efb292e10ba055860ca6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\fe18867d83354229922796478bbf0128.dll
    Filesize

    254KB

    MD5

    6469a6a4fb0dc1c77ef41e3618f05e0b

    SHA1

    4e2ca38074b18b02b82338017d94a532c4920ece

    SHA256

    bcf34691fddb5db4b532fdc9a4da3e69bf6d41d75be61a77dafd6306546bcec4

    SHA512

    efadc188eba54a8e7b51bf5ed106f05014e2965d854ebad7b29f8e0e7bdbef4b76d35c657d376216c69b08822a9169ce935decf0c519e320848e39b9ca3bc69d

    Download Submit

  • memory/1596-54-0x000000003F580000-0x000000003F620000-memory.dmp

    Filesize

    640KB

    Download

  • memory/1596-59-0x0000000004260000-0x00000000042A0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1596-64-0x0000000073E00000-0x0000000073E6C000-memory.dmp

    Filesize

    432KB

    Download

  • memory/1596-65-0x0000000004260000-0x00000000042A0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1596-69-0x0000000073E00000-0x0000000073E6C000-memory.dmp

    Filesize

    432KB

    Download