Overview

overview

7

Static

static

3

ceb97f39b0...92.exe

windows7-x64

7

ceb97f39b0...92.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/10/2023, 11:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ceb97f39b0e1e9b4d50f9bc3f2b2e9182f080c2483239318af495ea2c0644c92.exe

  • Size

    9.5MB

  • MD5

    750b012712b7e01a74cc38f0a6e2adf3

  • SHA1

    f85f5e34b9be6ff09f9e99edf771891ea52d7e81

  • SHA256

    ceb97f39b0e1e9b4d50f9bc3f2b2e9182f080c2483239318af495ea2c0644c92

  • SHA512

    b42ea5632c218c9afe52f34f00c2f50cdbf02c1bac3dabd7278eefef9be6b3e99844cf2135f0c39c18e37186c68733af3b8d4a0ba46409519ada7bf60ef62ccb

  • SSDEEP

    98304:DpwYtqomlBJoaqigBi6D9Omp8Hhbr+hrD1d76TQFkaXWocsamjoZ4ACgmPZg6rdU:VwY5GOFiY9jy0vFeoxvDGSZtdy/KgSY

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 5 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 4 IoCs
  • UPX packed file 37 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies registry class 37 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ceb97f39b0e1e9b4d50f9bc3f2b2e9182f080c2483239318af495ea2c0644c92.exe
    "C:\Users\Admin\AppData\Local\Temp\ceb97f39b0e1e9b4d50f9bc3f2b2e9182f080c2483239318af495ea2c0644c92.exe"
    1⤵
    • Loads dropped DLL
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dm.dll
    Filesize

    3.4MB

    MD5

    abc3005e3131e02c26e60142ee1ae517

    SHA1

    88d581e11ea74f7cf4faa559d1410bd29b254bba

    SHA256

    aa37c80dd3348d5d8578469663f605329591bd740101a4783c63467cc49cfaf2

    SHA512

    8fc505e0e282ec3be027ed48996421e242f68bebea5dc9f5b07cc28c66a9dbccd2264b32b558341113f30faf3553874cb7da1a80c7909d6f8aa0fb7ea24d2c64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dm.dll
    Filesize

    3.4MB

    MD5

    abc3005e3131e02c26e60142ee1ae517

    SHA1

    88d581e11ea74f7cf4faa559d1410bd29b254bba

    SHA256

    aa37c80dd3348d5d8578469663f605329591bd740101a4783c63467cc49cfaf2

    SHA512

    8fc505e0e282ec3be027ed48996421e242f68bebea5dc9f5b07cc28c66a9dbccd2264b32b558341113f30faf3553874cb7da1a80c7909d6f8aa0fb7ea24d2c64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dm.dll
    Filesize

    3.4MB

    MD5

    abc3005e3131e02c26e60142ee1ae517

    SHA1

    88d581e11ea74f7cf4faa559d1410bd29b254bba

    SHA256

    aa37c80dd3348d5d8578469663f605329591bd740101a4783c63467cc49cfaf2

    SHA512

    8fc505e0e282ec3be027ed48996421e242f68bebea5dc9f5b07cc28c66a9dbccd2264b32b558341113f30faf3553874cb7da1a80c7909d6f8aa0fb7ea24d2c64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dm.dll
    Filesize

    3.4MB

    MD5

    abc3005e3131e02c26e60142ee1ae517

    SHA1

    88d581e11ea74f7cf4faa559d1410bd29b254bba

    SHA256

    aa37c80dd3348d5d8578469663f605329591bd740101a4783c63467cc49cfaf2

    SHA512

    8fc505e0e282ec3be027ed48996421e242f68bebea5dc9f5b07cc28c66a9dbccd2264b32b558341113f30faf3553874cb7da1a80c7909d6f8aa0fb7ea24d2c64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dm.dll
    Filesize

    3.4MB

    MD5

    abc3005e3131e02c26e60142ee1ae517

    SHA1

    88d581e11ea74f7cf4faa559d1410bd29b254bba

    SHA256

    aa37c80dd3348d5d8578469663f605329591bd740101a4783c63467cc49cfaf2

    SHA512

    8fc505e0e282ec3be027ed48996421e242f68bebea5dc9f5b07cc28c66a9dbccd2264b32b558341113f30faf3553874cb7da1a80c7909d6f8aa0fb7ea24d2c64

    Download Submit

  • memory/4560-50-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-30-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-14-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-16-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-18-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-20-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-22-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-24-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-26-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-58-0x0000000004BD0000-0x00000000050F1000-memory.dmp

    Filesize

    5.1MB

    Download

  • memory/4560-8-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-32-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-34-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-36-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-38-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-40-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-42-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-44-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-46-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-48-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-0-0x0000000010000000-0x0000000010178000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/4560-52-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-12-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-11-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-28-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-60-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-61-0x0000000005100000-0x000000000591B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/4560-63-0x00000000037E0000-0x00000000037F6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/4560-10-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-62-0x0000000005920000-0x000000000621A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/4560-65-0x0000000003800000-0x0000000003802000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4560-9-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-6-0x0000000002DE0000-0x0000000002E1E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4560-72-0x0000000004BD0000-0x00000000050F1000-memory.dmp

    Filesize

    5.1MB

    Download

  • memory/4560-73-0x0000000004BD0000-0x00000000050F1000-memory.dmp

    Filesize

    5.1MB

    Download

  • memory/4560-75-0x0000000006230000-0x0000000006A4B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/4560-76-0x0000000005100000-0x000000000591B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/4560-77-0x0000000006A50000-0x000000000734A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/4560-78-0x0000000005110000-0x0000000005126000-memory.dmp

    Filesize

    88KB

    Download

  • memory/4560-79-0x0000000005130000-0x0000000005132000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4560-81-0x0000000005920000-0x000000000621A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/4560-88-0x00000000037E0000-0x00000000037F6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/4560-89-0x0000000003800000-0x0000000003802000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4560-90-0x0000000004BD0000-0x00000000050F1000-memory.dmp

    Filesize

    5.1MB

    Download

  • memory/4560-92-0x0000000006230000-0x0000000006A4B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/4560-93-0x0000000006A50000-0x000000000734A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/4560-94-0x0000000005110000-0x0000000005126000-memory.dmp

    Filesize

    88KB

    Download

  • memory/4560-97-0x0000000004BD0000-0x00000000050F1000-memory.dmp

    Filesize

    5.1MB

    Download