b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca

General

Target

b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe
Size

3.8MB
MD5

1e62cd4b35df11dce251fc588ecf03c7
SHA1

6e5f9c8f1750ed8296aae430ac1d1dfc0e4e5897
SHA256

b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca
SHA512

babe71e67f123b54d9bf4b33d5f2b5a383ec7ee0090205ee7098d2b7aebc2f9d3c245c88084db617a5821635a97ff1712cd1d5508f26b2e019e6d0b726a339af
SSDEEP

98304:AYFHJxDWeqMKnl7gkflBU+dR2aZPvhQgGuLZfvIiG9zRyko+OJTUhEAa+MR0YLTm:AYFHJxDzqMKnl7gkflBU+dR2aZPvhQgG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 26 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4264-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-0-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-9-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-11-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-15-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-13-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-17-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-19-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-23-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-21-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-29-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-25-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-45-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4264-46-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4264	b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4264	b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe
4264	b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe
4264	b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe

C:\Users\Admin\AppData\Local\Temp\b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe
"C:\Users\Admin\AppData\Local\Temp\b607c802196f0d9928047a4806f229a1a59cc0c301fa55791bc69ba3af54f4ca.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4264-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-0-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-19-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-23-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-21-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-29-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-25-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-44-0x0000000000FC0000-0x0000000000FC1000-memory.dmp

Filesize
4KB

Download
memory/4264-45-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4264-46-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing