Overview

overview

7

Static

static

7

CrosshairE...ya.dll

windows7-x64

1

CrosshairE...ya.dll

windows10-2004-x64

1

CrosshairE...hl.exe

windows7-x64

7

CrosshairE...hl.exe

windows10-2004-x64

7

CrosshairE...hd.ini

windows7-x64

1

CrosshairE...hd.ini

windows10-2004-x64

1

Resubmissions

20-07-2023 03:52

230720-ee6w9scf62 7

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2023 03:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CrosshairEditor/Freya.hl.exe

  • Size

    179KB

  • MD5

    12b9674d5a68f829f20214644e67baa3

  • SHA1

    9f2681173105f628c7cb14b57540121c5dc667dd

  • SHA256

    88132922084d88a606d4430b1903c2c7d2b48e4b1467253c3a51ed00b05954c6

  • SHA512

    c1c47d6d7f2ec3d2cf6a50fe85acab653a4e81d7c56a2f1972f7de0b686272c3cb03f59be9512acb4530b94bbe90d4b81b00682d4413ed62bc69b6033a43a073

  • SSDEEP

    3072:O2qkbSLWyjCkRtc8lsAR8Z4GkZypFuX6HNwTBf0aeEus/aL:xH+ayW8fWOCDRY0ouAK

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CrosshairEditor\Freya.hl.exe
    "C:\Users\Admin\AppData\Local\Temp\CrosshairEditor\Freya.hl.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3536-133-0x0000000000A80000-0x0000000000ADF000-memory.dmp

    Filesize

    380KB

    Download

  • memory/3536-134-0x0000000000A80000-0x0000000000ADF000-memory.dmp

    Filesize

    380KB

    Download