Overview

overview

7

Static

static

3

bd4ac1824e...f8.exe

windows7-x64

7

bd4ac1824e...f8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2023, 18:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bd4ac1824e0e7b418eba04734ba6401bb9c926fb5a6186f3e64b29ac15d19ff8.exe

  • Size

    3.8MB

  • MD5

    75f0407c4a71b4fe0d2caa98276a67d2

  • SHA1

    76a0b3187cce0cc235863856ee77c396e1d6d1d9

  • SHA256

    bd4ac1824e0e7b418eba04734ba6401bb9c926fb5a6186f3e64b29ac15d19ff8

  • SHA512

    7f55faf921e371cdeec0b14b6d111bb2ec23b3903ef0cc44a4d6eea7651cba77f087ad89c8124e9d02748ef381148e61177d477de3f717388f18f2c77053a744

  • SSDEEP

    49152:K1QmYRXWmYpk/DMU81AwFK0Q6Qi9goxx2jqLpdJ8LgqpjILJg/2obq0OEQk8:L/YU8awF7Q6bgoxEspdJipIddobqWQ

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 27 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd4ac1824e0e7b418eba04734ba6401bb9c926fb5a6186f3e64b29ac15d19ff8.exe
    "C:\Users\Admin\AppData\Local\Temp\bd4ac1824e0e7b418eba04734ba6401bb9c926fb5a6186f3e64b29ac15d19ff8.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1560

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Config.ini
          Filesize

          361B

          MD5

          69a7b1c5a9153c6e8a205c44c370157c

          SHA1

          5a579791eecd10ea8753cc4b243a444b6af3da2c

          SHA256

          95126d372d475690bff884ed22b0d3aa82f135c715dd4c1cfbe6d7292ea757cc

          SHA512

          f43ece25499d1bcf37e08640d15d0ea597fb9c3a3ec20baa391df0ef46a1362e606a4f39f6dab0b17c2c395e09f4de3ec27c9d5c8cfaff9a7496e6bd272b075d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Config.ini
          Filesize

          63B

          MD5

          575f2bf1f6361cd397703d3d09c2c61c

          SHA1

          119566fbe8732c4f9581ae27bc22aa7528fd6fc9

          SHA256

          064900e6e86c38a3580c3531a672c231d1bdd756a0cb574c96812e74b902f702

          SHA512

          c7fac7950e2bb846813a6f924699ff41c92bef67e730c190791ff07b44fba1a9d8ac800ee328bef633da12ce3b2d2a4432e883956dc28d0da86452dd5f737775

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Config.ini
          Filesize

          150B

          MD5

          5776513968403cc06c59ad188a2a8a68

          SHA1

          05e080659b836ecced2951b5a87f13449cd7ec4c

          SHA256

          3927bb04c20d8ce27f363f6d49b3c6850a47894f617b85fd793bcc387054dde8

          SHA512

          4284267bde0dde30063ca836bcc814f73d45dbd74425b08a284bfb5f130c33212e96b371e3d75105d30ce67ac686954f4da2f809d738001af74dfd4972e426cd

          Download Submit

        • \Users\Admin\AppData\Local\Temp\HPSocket4C.dll
          Filesize

          2.1MB

          MD5

          04869ada712c189caba4822be0e81ea5

          SHA1

          9c45486b30e6d3ccf0737c5766796baaf58232ab

          SHA256

          23078015adb0cf53ebf632a895a1a224b3718174e6c2887e1bbb2d28be5e2b8b

          SHA512

          16f98af15583c60da0cb947ea2230f759bfa27f86ef93ef5f7ffe2adcec6c5f115f52ffa74bae6cf8add94bb6a380fa276f391619256be7a45c53bb7421fdd9c

          Download Submit

        • memory/1560-34-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-40-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-10-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-13-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-15-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-17-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-19-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-22-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-24-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-29-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-27-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-31-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-7-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-36-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-38-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-11-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-42-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-44-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-46-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-50-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-48-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-52-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-54-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-56-0x000000000B300000-0x000000000B301000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1560-57-0x00000000034E0000-0x00000000034E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1560-8-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-9-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-5-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/1560-131-0x000000001ACD0000-0x000000001AD0E000-memory.dmp

          Filesize

          248KB

          Download