317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a

Analysis

max time kernel
128s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2023, 22:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe
Size

4.2MB
MD5

76af0776af6ebc70abd276eed4338a3b
SHA1

f127a8713933842c600290645bea73a27c93fd2a
SHA256

317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a
SHA512

c35e325a84c1eb5ca37a2e322e420bb408f98e7fd604ecaebd574359d164593c0a68e0545d0decb8883127d24c0ecd51f7886259fa4417af039fd1052ff66fcc
SSDEEP

98304:BtpVqq1u28CviBpj1IpegiqG347SylA9YZGUgzUzbiIs:l4g8CviBpHgi/347/gYZtzbs

Score

7^/10

upx

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
4264	317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4264-84-0x0000000004160000-0x000000000416B000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4264	317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe
4264	317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe

C:\Users\Admin\AppData\Local\Temp\317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe
"C:\Users\Admin\AppData\Local\Temp\317675870cc8076b4233b596e0f987ea1d631a4630f89b1886d1ddf5ae128f3a.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:4264

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\E2EECore.2.7.2.dll

Filesize
8.4MB

MD5
8b6c94bbdbfb213e94a5dcb4fac28ce3

SHA1
b56102ca4f03556f387f8b30e2b404efabe0cb65

SHA256
982a177924762f270b36fe34c7d6847392b48ae53151dc2011078dceef487a53

SHA512
9d6d63b5d8cf7a978d7e91126d7a343c2f7acd00022da9d692f63e50835fdd84a59a93328564f10622f2b1f6adfd7febdd98b8ddb294d0754ed45cc9c165d25a

Download Submit
C:\Users\Admin\AppData\Roaming\UnityPlayer.exe

Filesize
2KB

MD5
393ff988a0ae70d780bbccc4bfa24c64

SHA1
3faa941f559efb3177edb0d0cf8ecaf5c512e931

SHA256
58ec4f754bed25b1b426ea3bb8296140a9a4cd3389a5afe6bb148489e96be104

SHA512
56c2f11479b8b29e2c32207d4882bc267c1f5d9eb27b72dd72f65013f6979232d5e5136953ef89a42a836536451dc3c789dfe017596246dca436a32b7653a775

Download Submit
memory/4264-0-0x0000000000400000-0x000000000096B000-memory.dmp

Filesize
5.4MB

Download
memory/4264-1-0x0000000000400000-0x000000000096B000-memory.dmp

Filesize
5.4MB

Download
memory/4264-2-0x0000000002980000-0x0000000002981000-memory.dmp

Filesize
4KB

Download
memory/4264-3-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download
memory/4264-4-0x00000000029B0000-0x00000000029B1000-memory.dmp

Filesize
4KB

Download
memory/4264-5-0x0000000002990000-0x0000000002991000-memory.dmp

Filesize
4KB

Download
memory/4264-7-0x00000000038A0000-0x00000000038A1000-memory.dmp

Filesize
4KB

Download
memory/4264-6-0x00000000029E0000-0x00000000029E1000-memory.dmp

Filesize
4KB

Download
memory/4264-8-0x0000000003890000-0x0000000003894000-memory.dmp

Filesize
16KB

Download
memory/4264-9-0x0000000003980000-0x0000000003A00000-memory.dmp

Filesize
512KB

Download
memory/4264-10-0x0000000003980000-0x0000000003A00000-memory.dmp

Filesize
512KB

Download
memory/4264-11-0x0000000003980000-0x0000000003A00000-memory.dmp

Filesize
512KB

Download
memory/4264-14-0x0000000003880000-0x0000000003884000-memory.dmp

Filesize
16KB

Download
memory/4264-12-0x0000000003980000-0x0000000003A00000-memory.dmp

Filesize
512KB

Download
memory/4264-13-0x00000000038E0000-0x00000000038E1000-memory.dmp

Filesize
4KB

Download
memory/4264-15-0x00000000038F0000-0x00000000038F1000-memory.dmp

Filesize
4KB

Download
memory/4264-16-0x0000000000AD0000-0x0000000000AD1000-memory.dmp

Filesize
4KB

Download
memory/4264-17-0x0000000000C80000-0x0000000000C81000-memory.dmp

Filesize
4KB

Download
memory/4264-19-0x00000000038B0000-0x00000000038B1000-memory.dmp

Filesize
4KB

Download
memory/4264-20-0x0000000002A00000-0x0000000002A01000-memory.dmp

Filesize
4KB

Download
memory/4264-21-0x0000000002940000-0x0000000002941000-memory.dmp

Filesize
4KB

Download
memory/4264-22-0x0000000002B60000-0x0000000002B61000-memory.dmp

Filesize
4KB

Download
memory/4264-23-0x0000000002AB0000-0x0000000002AB1000-memory.dmp

Filesize
4KB

Download
memory/4264-25-0x0000000002C10000-0x0000000002C11000-memory.dmp

Filesize
4KB

Download
memory/4264-24-0x0000000003900000-0x0000000003901000-memory.dmp

Filesize
4KB

Download
memory/4264-26-0x0000000003920000-0x0000000003921000-memory.dmp

Filesize
4KB

Download
memory/4264-27-0x0000000003910000-0x0000000003911000-memory.dmp

Filesize
4KB

Download
memory/4264-28-0x0000000003960000-0x0000000003961000-memory.dmp

Filesize
4KB

Download
memory/4264-29-0x0000000003A10000-0x0000000003A11000-memory.dmp

Filesize
4KB

Download
memory/4264-30-0x0000000003A00000-0x0000000003A01000-memory.dmp

Filesize
4KB

Download
memory/4264-31-0x0000000003A30000-0x0000000003A31000-memory.dmp

Filesize
4KB

Download
memory/4264-33-0x0000000003A50000-0x0000000003A51000-memory.dmp

Filesize
4KB

Download
memory/4264-32-0x0000000003A20000-0x0000000003A21000-memory.dmp

Filesize
4KB

Download
memory/4264-34-0x0000000003A40000-0x0000000003A41000-memory.dmp

Filesize
4KB

Download
memory/4264-35-0x0000000003A70000-0x0000000003A71000-memory.dmp

Filesize
4KB

Download
memory/4264-37-0x0000000003A90000-0x0000000003A91000-memory.dmp

Filesize
4KB

Download
memory/4264-36-0x0000000003A60000-0x0000000003A61000-memory.dmp

Filesize
4KB

Download
memory/4264-39-0x0000000003DF0000-0x0000000003DF1000-memory.dmp

Filesize
4KB

Download
memory/4264-38-0x0000000003A80000-0x0000000003A81000-memory.dmp

Filesize
4KB

Download
memory/4264-40-0x0000000003DE0000-0x0000000003DE1000-memory.dmp

Filesize
4KB

Download
memory/4264-41-0x0000000003E10000-0x0000000003E11000-memory.dmp

Filesize
4KB

Download
memory/4264-42-0x0000000003E00000-0x0000000003E01000-memory.dmp

Filesize
4KB

Download
memory/4264-44-0x0000000003E30000-0x0000000003E31000-memory.dmp

Filesize
4KB

Download
memory/4264-43-0x0000000003E40000-0x0000000003E41000-memory.dmp

Filesize
4KB

Download
memory/4264-45-0x0000000003E60000-0x0000000003E61000-memory.dmp

Filesize
4KB

Download
memory/4264-46-0x0000000003E50000-0x0000000003E51000-memory.dmp

Filesize
4KB

Download
memory/4264-47-0x0000000003E80000-0x0000000003E81000-memory.dmp

Filesize
4KB

Download
memory/4264-48-0x0000000003E70000-0x0000000003E71000-memory.dmp

Filesize
4KB

Download
memory/4264-50-0x0000000003E90000-0x0000000003E91000-memory.dmp

Filesize
4KB

Download
memory/4264-49-0x0000000003EA0000-0x0000000003EA1000-memory.dmp

Filesize
4KB

Download
memory/4264-51-0x0000000003EC0000-0x0000000003EC1000-memory.dmp

Filesize
4KB

Download
memory/4264-52-0x0000000003EB0000-0x0000000003EB1000-memory.dmp

Filesize
4KB

Download
memory/4264-53-0x0000000003EE0000-0x0000000003EE1000-memory.dmp

Filesize
4KB

Download
memory/4264-55-0x0000000003EF0000-0x0000000003EF1000-memory.dmp

Filesize
4KB

Download
memory/4264-54-0x0000000003ED0000-0x0000000003ED1000-memory.dmp

Filesize
4KB

Download
memory/4264-56-0x0000000003F20000-0x0000000003F21000-memory.dmp

Filesize
4KB

Download
memory/4264-57-0x0000000003F10000-0x0000000003F11000-memory.dmp

Filesize
4KB

Download
memory/4264-59-0x0000000003F30000-0x0000000003F31000-memory.dmp

Filesize
4KB

Download
memory/4264-58-0x0000000003F40000-0x0000000003F41000-memory.dmp

Filesize
4KB

Download
memory/4264-60-0x0000000003F60000-0x0000000003F61000-memory.dmp

Filesize
4KB

Download
memory/4264-61-0x0000000003F50000-0x0000000003F51000-memory.dmp

Filesize
4KB

Download
memory/4264-62-0x0000000004070000-0x0000000004071000-memory.dmp

Filesize
4KB

Download
memory/4264-64-0x0000000004090000-0x0000000004091000-memory.dmp

Filesize
4KB

Download
memory/4264-63-0x00000000040A0000-0x00000000040A1000-memory.dmp

Filesize
4KB

Download
memory/4264-84-0x0000000004160000-0x000000000416B000-memory.dmp

Filesize
44KB

Download
memory/4264-125-0x0000000000400000-0x000000000096B000-memory.dmp

Filesize
5.4MB

Download