Overview

overview

7

Static

static

7

5639d59c59...dc.exe

windows7-x64

7

5639d59c59...dc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/08/2023, 11:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5639d59c596c721a99ff04138fe1d74b8efd8a954dd5c170dfa0aea7d78029dc.exe

  • Size

    2.1MB

  • MD5

    fea55b92b0cdf1f7d56729b367a166df

  • SHA1

    4b698a44134bdc48955e4bf75a9805202314e05c

  • SHA256

    5639d59c596c721a99ff04138fe1d74b8efd8a954dd5c170dfa0aea7d78029dc

  • SHA512

    be8643b953675738eb200936bee50587a774a81a8f2e4a770653b1706693b8dc7f4bad60eb9e1b1e22d395db5584230fe8e629b57e279042d87ebac3e1b4792e

  • SSDEEP

    49152:F1AHN1oRbQ8T6vdkhhOHt6SXGC85mQMS7gq+OfSRt1Eq3IWLJCThux7:mgpZmvdwONvXGC85/77WEq3IWLJYU

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 13 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5639d59c596c721a99ff04138fe1d74b8efd8a954dd5c170dfa0aea7d78029dc.exe
    "C:\Users\Admin\AppData\Local\Temp\5639d59c596c721a99ff04138fe1d74b8efd8a954dd5c170dfa0aea7d78029dc.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\WebView2_Caller.dll
    Filesize

    84KB

    MD5

    b1b736cc2b4291ca1583b9089d564fc3

    SHA1

    6f03f7e33485c8b5b350f70b0263dea309fe2143

    SHA256

    b64a7ebbbf90a27afbffc02445773796d2b77c5f30be3f4980da5322374944e6

    SHA512

    dae217883cc12ff7b950c6a090e40c1e59fe39365097297aa96bf3d734c4ae7de48885fe6ce38133c9d56b5b250a035006806b3baa6a6a774d64aae5e93d8b35

    Download Submit

  • memory/1252-144-0x0000000010000000-0x00000000106F0000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1252-139-0x00000000750F0000-0x0000000075139000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1252-140-0x0000000010000000-0x00000000106F0000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1252-142-0x0000000010000000-0x00000000106F0000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1252-143-0x0000000010000000-0x00000000106F0000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1252-133-0x0000000000400000-0x0000000000715000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/1252-145-0x0000000000400000-0x0000000000715000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/1252-147-0x00000000750F0000-0x0000000075139000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1252-148-0x0000000010000000-0x00000000106F0000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1252-154-0x00000000750F0000-0x0000000075139000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1252-164-0x00000000750F0000-0x0000000075139000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1252-174-0x00000000750F0000-0x0000000075139000-memory.dmp

    Filesize

    292KB

    Download