866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621

Analysis

max time kernel
126s
max time network
131s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2023, 12:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe
Size

2.3MB
MD5

78b40943c55e38ac15f41bc11ea66466
SHA1

2a8481822a81156df54909774654b7c7d928b5a8
SHA256

866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621
SHA512

145b1be26f9f4ca776a24f53343d4241859770f26cabec3e3585da465f54eda407bcfaeabedcff7100ba86c4d9416a858f399c998b89e5d355eebfac604d9c24
SSDEEP

49152:V3sffjZ9q3QCLtSSwWmmxRYG+WjaRbKkWJ/RPR0:ynjZ9q3XrwZnOL9h

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 24 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4520-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-9-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-11-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-13-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-15-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-17-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-19-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-21-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-23-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-25-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-29-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4520-44-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4520	866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe
4520	866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe
4520	866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe

C:\Users\Admin\AppData\Local\Temp\866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe
"C:\Users\Admin\AppData\Local\Temp\866c2b5abf6d1893799cc8e11578b81950ed8b5e083a7930b97402479e369621.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4520-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-19-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-21-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-23-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-25-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-29-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-44-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4520-45-0x0000000002B60000-0x0000000002C60000-memory.dmp

Filesize
1024KB

Download
memory/4520-46-0x0000000002B60000-0x0000000002C60000-memory.dmp

Filesize
1024KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads