Overview

overview

7

Static

static

3

6b149f0791...4d.exe

windows7-x64

7

6b149f0791...4d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/09/2023, 01:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6b149f07915f9d60f16e7f2fec2713bba8025475f2bf91d88990c104b48a544d.exe

  • Size

    3.0MB

  • MD5

    83ff73008dab8e9dca6229602a59200b

  • SHA1

    148dd42d32afd670cb3cc159bfd0851a4fb0fdce

  • SHA256

    6b149f07915f9d60f16e7f2fec2713bba8025475f2bf91d88990c104b48a544d

  • SHA512

    a1eac88c2307b14feb794d4348a330b203809aff4482fb452aaeae12df880bd5c1bea6737fae9336fef6225a79267643e0223bbb778b8e960aadc5a729738b7f

  • SSDEEP

    49152:1XXd1to1Lbbq/5abgK7n4b5CybvxQFkAVEduGupfa0TtN13IVRSz:ZN1tSLbblVs5Cyb6hEdD+avsz

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 26 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b149f07915f9d60f16e7f2fec2713bba8025475f2bf91d88990c104b48a544d.exe
    "C:\Users\Admin\AppData\Local\Temp\6b149f07915f9d60f16e7f2fec2713bba8025475f2bf91d88990c104b48a544d.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3720

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\HPSocket4C.dll
          Filesize

          1.8MB

          MD5

          9c842288aefe97836f56d6b20b078ff8

          SHA1

          4c28b0112195a5181891022fd999fc8a6236a842

          SHA256

          8d048151cefb7b07d4b00704fcc858d22c7501d1692902ea363678ad50db603e

          SHA512

          4e20b932b11b0c5cbce221c1eb947e7b3ddb68d5ad9d5153c713e55d11dde7482ae3164d57b20b7c82015bfcdbcc6c2d579544b324ff3662e207185200172eb0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\HPSocket4C.dll
          Filesize

          1.8MB

          MD5

          9c842288aefe97836f56d6b20b078ff8

          SHA1

          4c28b0112195a5181891022fd999fc8a6236a842

          SHA256

          8d048151cefb7b07d4b00704fcc858d22c7501d1692902ea363678ad50db603e

          SHA512

          4e20b932b11b0c5cbce221c1eb947e7b3ddb68d5ad9d5153c713e55d11dde7482ae3164d57b20b7c82015bfcdbcc6c2d579544b324ff3662e207185200172eb0

          Download Submit

        • memory/3720-25-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-2-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-5-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-7-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-9-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-13-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-11-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-15-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-17-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-19-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-21-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-23-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-3-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-0-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-37-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-31-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-33-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-35-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-29-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-39-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-41-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-43-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-27-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-1-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-50-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/3720-51-0x0000000010000000-0x000000001003F000-memory.dmp

          Filesize

          252KB

          Download