Overview

overview

7

Static

static

3

c05a7f9d47...80.exe

windows7-x64

7

c05a7f9d47...80.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2023 01:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c05a7f9d47bb15232c3336059d5532a7eda6d47533e00d35d7d9d1e72d4e9d80.exe

  • Size

    1.1MB

  • MD5

    23c1ee523f8579d5b4a9125d7d842abe

  • SHA1

    3dd3316a9cf2479c4fff131bd3a856f092d9ec8c

  • SHA256

    c05a7f9d47bb15232c3336059d5532a7eda6d47533e00d35d7d9d1e72d4e9d80

  • SHA512

    a8f1495add8a8549c1b5869a0f9dd5cf6dcd1de34140cf407bd67e28211ece71411bf7ea544ce11e459c1f97c5329d5ba729a21780584e1777850679d5d85e9e

  • SSDEEP

    12288:kEKF+bt3/ud9qo9ODg+CPpLqrr0gH82kR8XLyRpM8hFPMyD:kTE/u2gBpWr1UppM8hhM

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c05a7f9d47bb15232c3336059d5532a7eda6d47533e00d35d7d9d1e72d4e9d80.exe
    "C:\Users\Admin\AppData\Local\Temp\c05a7f9d47bb15232c3336059d5532a7eda6d47533e00d35d7d9d1e72d4e9d80.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Roaming\AaYa.dll
    Filesize

    40KB

    MD5

    920aecffebf9d67a98278a562d379406

    SHA1

    84ce998f8a73774e4faddfdee8e23eef333fa847

    SHA256

    32a06dce260f50f924ae55af976e27a19cfe642f35ce15a7242a60305c4a82d9

    SHA512

    ff6fc5bf4d282ca4f808e601cf828486fe3977ee2c9a96c44c6cd44c1c98812f194a46220e99424bc384733a5a27f6a387a46a6c62cce7097abd1e5fdd217858

    Download Submit

  • memory/3064-4-0x00000000021A0000-0x00000000022E8000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3064-7-0x00000000021A0000-0x00000000022E8000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3064-8-0x00000000021A0000-0x00000000022E8000-memory.dmp

    Filesize

    1.3MB

    Download