Overview

overview

7

Static

static

3

5d6704ac45...12.exe

windows7-x64

7

5d6704ac45...12.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    24/07/2023, 08:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d6704ac45b70c3dc7cab2da9dfbd63f31a48713569d7e7309faedac2f0ef812.exe

  • Size

    2.6MB

  • MD5

    e1ff59de8a962eaa6f5845fc9c7fa43b

  • SHA1

    84f95730b341d1123f5a2556005a7420710964c3

  • SHA256

    5d6704ac45b70c3dc7cab2da9dfbd63f31a48713569d7e7309faedac2f0ef812

  • SHA512

    933d632695f4e7844092d3f7263855dfaad309d9e40dc23896688b91d7e0834a3d7a851c03a80ac54dcf0e7dc9b2449707ad32c5ff0da27b4017b93f3ce8666d

  • SSDEEP

    49152:MTxUKSXwwysP8g9ZyjW4WWq55j+zniWPbKc:ySXw1WZcWWq55jiiw

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d6704ac45b70c3dc7cab2da9dfbd63f31a48713569d7e7309faedac2f0ef812.exe
    "C:\Users\Admin\AppData\Local\Temp\5d6704ac45b70c3dc7cab2da9dfbd63f31a48713569d7e7309faedac2f0ef812.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Vmtrwm.dll
    Filesize

    52KB

    MD5

    7f2071b1e7482893f001e13a1bdd504d

    SHA1

    460d268801c33a6ac0afac40141787ae32ace4aa

    SHA256

    721185da526d05d8e3a48955ad87df8c74fb4318e3ec8efd306816a999750891

    SHA512

    0ab7331c74d7be6336e86e79ac1b1c4a3a0bde4dccf80bf1e47a87d38b752e20c9f5df08d339b8ec02527267d3c82b184d20e134fd28c04c7e1f9155e1b8383f

    Download Submit

  • memory/2100-57-0x0000000001F40000-0x0000000002057000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2100-60-0x0000000001F40000-0x0000000002057000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2100-61-0x0000000001F40000-0x0000000002057000-memory.dmp

    Filesize

    1.1MB

    Download