f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048

Analysis

max time kernel
142s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2023, 13:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe
Size

1.2MB
MD5

0b8ed87330c32bf212d0c552ef4cb18b
SHA1

13072ccfb4d010b65a7fd35bcb3c6443dc0449e0
SHA256

f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048
SHA512

b30d42eed7abb2099d2bb4905257aa735f9e7bc4793f79e3c4854d34d4b04fd4a009c5fc39edb699f05a9dedc0dee668f0c790cfdfce3adb89c540d9806e5f67
SSDEEP

24576:qyL+Utwsxx0h2XbJfxOPOmtvEb8a2nAuMHwVb8PTQk32:qqx0mfxOPOUvfTswVrkG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 25 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1008-0-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-9-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-11-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-13-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-15-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-17-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-19-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-21-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-23-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-25-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-29-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/1008-44-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1008	f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe
1008	f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe
1008	f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe

C:\Users\Admin\AppData\Local\Temp\f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe
"C:\Users\Admin\AppData\Local\Temp\f2b04df05e085e1ee4b4d1160af8dbdffed0e7f49eb464c7819723243d590048.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1008-0-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-19-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-21-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-23-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-25-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-29-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/1008-44-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads