76accc4948bbe85b5b48db6d64eb5173a1484bac400bdafa7f580068a43096f9

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
08/10/2023, 14:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
Size

358KB
MD5

73ece8cea3fe823c6588e7aeaf5a5148
SHA1

2596d6e0c9b630c76c8cff5c954567c3a68f4fe9
SHA256

76accc4948bbe85b5b48db6d64eb5173a1484bac400bdafa7f580068a43096f9
SHA512

e9250e1d981e88a001b5b6adbc83c69cd9bd7f466230a5fdbb22f071db7839fc01b4cec50adc2378a73eada1a409d9dbe448616f3e140ef561dd059a912aa2cb
SSDEEP

6144:Ouq1yyfpenkeQ4ow45vNjp/LmKkBAG4xUMd19ueulRLYDOktqI6KlbcG:S1yoMkbnw4xNjp/lG4yMUeuD6yI6KloG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2196-0-0x0000000000400000-0x0000000000418000-memory.dmp	upx
behavioral1/files/0x00070000000165e9-5.dat	upx
behavioral1/memory/2196-20-0x0000000000400000-0x0000000000418000-memory.dmp	upx

Drops file in Windows directory 19 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\BattleField 1942(cdfix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(cdfix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\UT2004(crack).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Doom 3(codes).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Silent Hill 4(fix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\FlatOut(trainer).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\FlatOut(trainer).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Counter-Strike trainer.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Half-Life 2_serial.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Doom 3_serial.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Doom 3_serial.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 + cdfix.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\UT2004(crack).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Doom 3(fix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Doom 3(codes).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4(fix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike trainer.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File created	C:\Windows\win32dc\Silent Hill 4 + cdfix.exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
File opened for modification	C:\Windows\win32dc\Doom 3(fix).exe	NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.73ece8cea3fe823c6588e7aeaf5a5148_JC.exe"
1⤵
- Drops file in Windows directory
PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Half-Life 2_serial.exe

Filesize
358KB

MD5
73ece8cea3fe823c6588e7aeaf5a5148

SHA1
2596d6e0c9b630c76c8cff5c954567c3a68f4fe9

SHA256
76accc4948bbe85b5b48db6d64eb5173a1484bac400bdafa7f580068a43096f9

SHA512
e9250e1d981e88a001b5b6adbc83c69cd9bd7f466230a5fdbb22f071db7839fc01b4cec50adc2378a73eada1a409d9dbe448616f3e140ef561dd059a912aa2cb

Download Submit
memory/2196-0-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/2196-20-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads