7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1

Analysis

max time kernel
138s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
30/08/2023, 22:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe
Size

12.8MB
MD5

bf945a1a60cde7011e96a5d87698ea46
SHA1

3c69b680049e9532809bd18b29ce13062460d632
SHA256

7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1
SHA512

5224877df82d62da30d157e1e1639b6fa5e15d1f35d07c876e895e421ef74677073fa835cbfb24ee9037d766e380ec3704ed624ba89ed5bc62558f099054fd5d
SSDEEP

196608://71K1kv0dB+qs5AOhVvsnVW2AYTxFoSt3twnyJVmc9BDal7:bua0doqXObgVJxLdtwnyWc9sB

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
behavioral2/files/0x00060000000231f2-10.dat	aspack_v212_v242
behavioral2/files/0x00060000000231f2-15.dat	aspack_v212_v242

Loads dropped DLL 2 IoCs

pid	Process
532	7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe
532	7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/532-6-0x0000000003360000-0x000000000336B000-memory.dmp	upx
behavioral2/memory/532-7-0x0000000003360000-0x000000000336B000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
532	7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe
532	7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe

C:\Users\Admin\AppData\Local\Temp\7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe
"C:\Users\Admin\AppData\Local\Temp\7caae212717892ce8622c08e6cf10f0e201eba97a04d6eaa70d1c9528dbca9d1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\E2EECore.2.7.2.dll

Filesize
8.4MB

MD5
8b6c94bbdbfb213e94a5dcb4fac28ce3

SHA1
b56102ca4f03556f387f8b30e2b404efabe0cb65

SHA256
982a177924762f270b36fe34c7d6847392b48ae53151dc2011078dceef487a53

SHA512
9d6d63b5d8cf7a978d7e91126d7a343c2f7acd00022da9d692f63e50835fdd84a59a93328564f10622f2b1f6adfd7febdd98b8ddb294d0754ed45cc9c165d25a

Download Submit
C:\Users\Admin\AppData\Local\Temp\RSCProject.dll

Filesize
5.3MB

MD5
df4a7169a40076a80d7d3dd4604ec23d

SHA1
a1e277aa1ee35c241e04211744b65ba2e4be71e6

SHA256
b703235a36967a154d7443c25b0006b780b845aba1065ad4da94c87bf0186563

SHA512
eae9e960f65813e0725354993cb106a5c227ee12c160a7a7cb09ab31a56ff270e33298ebcf4380735eac8a38223c6855dbce644700a9a4e95d8e8f5291d6b084

Download Submit
C:\Users\Admin\AppData\Local\Temp\RSCProject.dll

Filesize
5.3MB

MD5
df4a7169a40076a80d7d3dd4604ec23d

SHA1
a1e277aa1ee35c241e04211744b65ba2e4be71e6

SHA256
b703235a36967a154d7443c25b0006b780b845aba1065ad4da94c87bf0186563

SHA512
eae9e960f65813e0725354993cb106a5c227ee12c160a7a7cb09ab31a56ff270e33298ebcf4380735eac8a38223c6855dbce644700a9a4e95d8e8f5291d6b084

Download Submit
memory/532-24-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/532-27-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/532-14-0x0000000072CB0000-0x0000000073D6B000-memory.dmp

Filesize
16.7MB

Download
memory/532-18-0x0000000005320000-0x0000000005321000-memory.dmp

Filesize
4KB

Download
memory/532-17-0x0000000005310000-0x0000000005311000-memory.dmp

Filesize
4KB

Download
memory/532-16-0x00000000054A0000-0x0000000005500000-memory.dmp

Filesize
384KB

Download
memory/532-19-0x00000000052D0000-0x00000000052D1000-memory.dmp

Filesize
4KB

Download
memory/532-20-0x0000000005340000-0x0000000005341000-memory.dmp

Filesize
4KB

Download
memory/532-21-0x0000000005300000-0x0000000005301000-memory.dmp

Filesize
4KB

Download
memory/532-22-0x00000000052F0000-0x00000000052F1000-memory.dmp

Filesize
4KB

Download
memory/532-23-0x0000000005500000-0x0000000005501000-memory.dmp

Filesize
4KB

Download
memory/532-6-0x0000000003360000-0x000000000336B000-memory.dmp

Filesize
44KB

Download
memory/532-25-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/532-7-0x0000000003360000-0x000000000336B000-memory.dmp

Filesize
44KB

Download
memory/532-28-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/532-26-0x0000000005330000-0x0000000005331000-memory.dmp

Filesize
4KB

Download
memory/532-29-0x00000000067A0000-0x00000000067A1000-memory.dmp

Filesize
4KB

Download
memory/532-30-0x0000000006790000-0x00000000067E0000-memory.dmp

Filesize
320KB

Download
memory/532-32-0x0000000005770000-0x0000000005771000-memory.dmp

Filesize
4KB

Download
memory/532-33-0x0000000005520000-0x0000000005521000-memory.dmp

Filesize
4KB

Download
memory/532-31-0x0000000072CB0000-0x0000000073D6B000-memory.dmp

Filesize
16.7MB

Download
memory/532-36-0x00000000057B0000-0x00000000057B1000-memory.dmp

Filesize
4KB

Download
memory/532-35-0x0000000005790000-0x0000000005791000-memory.dmp

Filesize
4KB

Download
memory/532-34-0x0000000005540000-0x0000000005541000-memory.dmp

Filesize
4KB

Download
memory/532-37-0x00000000057D0000-0x00000000057D1000-memory.dmp

Filesize
4KB

Download
memory/532-39-0x00000000057A0000-0x00000000057A1000-memory.dmp

Filesize
4KB

Download
memory/532-38-0x00000000057F0000-0x00000000057F1000-memory.dmp

Filesize
4KB

Download
memory/532-40-0x00000000054A0000-0x0000000005500000-memory.dmp

Filesize
384KB

Download