Analysis
-
max time kernel
13s -
max time network
18s -
platform
windows10-2004_x64 -
resource
win10v2004-20230824-en -
resource tags
-
submitted
26/08/2023, 14:30
General
-
Target
fb51c16933fd08a9bed522cc6e5385c39d21693c50ce4cd8c0801791d1d79081.exe
-
Size
969KB
-
MD5
c0bc4800e50470e400dd9662d831064c
-
SHA1
e46f96f9f6340f65d7855e3f6d75606de304aa40
-
SHA256
fb51c16933fd08a9bed522cc6e5385c39d21693c50ce4cd8c0801791d1d79081
-
SHA512
8331f9cb8b3a9292ee93faa04bb7f5e0c535d1f1e7771ad9c5d5739b76c9124597d02b356a869d5b25515fbe9ba6137a6cbcc5496872c5abe29403bea5933a24
-
SSDEEP
24576:AqXQNKSwaP0IsvYOzYskRoaR8jTHcbn7OThRTE6X:AqXQNKUscskRg8LGE6X
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 2 IoCs
Detects file using ACProtect software.
-
Loads dropped DLL 1 IoCs
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fb51c16933fd08a9bed522cc6e5385c39d21693c50ce4cd8c0801791d1d79081.exe"C:\Users\Admin\AppData\Local\Temp\fb51c16933fd08a9bed522cc6e5385c39d21693c50ce4cd8c0801791d1d79081.exe"1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
97KB
MD5c35425ad1f0c32225d307310deccc335
SHA1b2e347b244e40ffa113dffaffd1895777e3ac30a
SHA25648773d597155dc39dd172c26867972da89dd61fcee0d138433eda26a2d8633b7
SHA51247b6a7447fcc4f9f21018f608fcbdb5650f16cbd869cae5d4ed5d9b88ca1e944de1cac10e9a252aa7b210f1a31456c0ed91728b8a7e24def99d7e3f9683e2bae
-
Filesize
97KB
MD5c35425ad1f0c32225d307310deccc335
SHA1b2e347b244e40ffa113dffaffd1895777e3ac30a
SHA25648773d597155dc39dd172c26867972da89dd61fcee0d138433eda26a2d8633b7
SHA51247b6a7447fcc4f9f21018f608fcbdb5650f16cbd869cae5d4ed5d9b88ca1e944de1cac10e9a252aa7b210f1a31456c0ed91728b8a7e24def99d7e3f9683e2bae
-
Filesize
240KB