5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5

General

Target

5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe
Size

3.1MB
MD5

c85adeb3ee700b59b5d6c72d0f44b82d
SHA1

b714efd1b435dde165e3818ede5713e2c6a270c2
SHA256

5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5
SHA512

eb36831a13a8972431c6c49771e4e49f39b5258d9f0864e8805f8a952d5e83152323183c2495aa15bb719d58271ab0bed6080a586e78eba4c084a41e9c71059d
SSDEEP

98304:QYR+qLAgJ1eOVlxABnqlIfLjTgf+hVpUBZ24HZGI3fT0JMKeMigqN24Ie+dFdAtu:QYR+qLAgJ1eOVlxA5qlIfLjTgf+hVpUO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 25 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2224-134-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-133-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-135-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-136-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-138-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-140-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-142-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-144-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-146-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-148-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-150-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-152-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-154-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-156-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-158-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-160-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-162-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-164-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-166-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-168-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-170-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-172-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-174-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-176-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2224-177-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2224	5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2224	5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe
2224	5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe
2224	5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe

C:\Users\Admin\AppData\Local\Temp\5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe
"C:\Users\Admin\AppData\Local\Temp\5edff32e0c72ef3a0b1523a6c552881bb5328d861e56f81625d218b0fe7b52a5.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2224-134-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-133-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-135-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-136-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-138-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-140-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-142-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-144-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-146-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-148-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-150-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-152-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-154-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-156-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-158-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-160-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-162-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-164-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-166-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-168-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-170-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-172-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-174-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-176-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2224-177-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing