Overview

overview

7

Static

static

3

e4807632b8...e3.exe

windows7-x64

7

e4807632b8...e3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/08/2023, 12:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e4807632b82b987959a5950f8f76b56da52dd3da2118d9fc0cad5a0ac3d3d2e3.exe

  • Size

    2.0MB

  • MD5

    1e15bc1c231a2f7fa60b604391767abf

  • SHA1

    d64fb4392597596e017fc872a9127a29bd36827e

  • SHA256

    e4807632b82b987959a5950f8f76b56da52dd3da2118d9fc0cad5a0ac3d3d2e3

  • SHA512

    77a80deb67ef485e75b1df9398d89e3540b198b1c94b095e09fa22a7c5c39ff62a8910e2a8429038a4dea9b34cf18a1b906c8ef3d5c0bdce812e466c6cf5efe4

  • SSDEEP

    49152:nCJqs/WK6292wQYcohr5xS/WGrMjSGTFmR2YhLp+z0G80lZLzWS8bXSX:OGrGzJmR2S1+AG80nLkY

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 25 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e4807632b82b987959a5950f8f76b56da52dd3da2118d9fc0cad5a0ac3d3d2e3.exe
    "C:\Users\Admin\AppData\Local\Temp\e4807632b82b987959a5950f8f76b56da52dd3da2118d9fc0cad5a0ac3d3d2e3.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3576
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3576 -s 1648
      2⤵
      • Program crash
      PID:436
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 3576 -ip 3576
    1⤵
      PID:4196

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3576-1-0x0000000068CD0000-0x0000000068CDF000-memory.dmp

            Filesize

            60KB

            Download

          • memory/3576-3-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-4-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-5-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-7-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-9-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-11-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-13-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-15-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-17-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-19-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-21-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-23-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-25-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-27-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-29-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-31-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-33-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-35-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-37-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-39-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-41-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-43-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-45-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download

          • memory/3576-46-0x0000000010000000-0x000000001003C000-memory.dmp

            Filesize

            240KB

            Download