Overview

overview

7

Static

static

3

f9ff3973c8...e2.exe

windows7-x64

7

f9ff3973c8...e2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/11/2023, 21:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9ff3973c890b10083672acb89758dfc3703510c49c6583145400ae1498ba7e2.exe

  • Size

    14.0MB

  • MD5

    0fbcf006b49994d61d323eabface5cd5

  • SHA1

    cc62318da5c16329cb9b39136db498514635f7eb

  • SHA256

    f9ff3973c890b10083672acb89758dfc3703510c49c6583145400ae1498ba7e2

  • SHA512

    45d92cad70228ec149e0dad6b063fd957eeb03eb42dcb5c6d2cb533f1365db8ce7b093d73f227fa8e091f76bc7393fea65222e9cd6daf7201bcda81839ccad9c

  • SSDEEP

    196608:mWijp0+ZTH0NQDoF8U2JGxJEJJgQF8rz10pFAHqoCcKjNck82/7bDn4N/QYblulB:m3p0+ZHPW8U4GxJYY8eHQcH+z4NDxGS2

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f9ff3973c890b10083672acb89758dfc3703510c49c6583145400ae1498ba7e2.exe
    "C:\Users\Admin\AppData\Local\Temp\f9ff3973c890b10083672acb89758dfc3703510c49c6583145400ae1498ba7e2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E2EECore.2.8.11.dll
    Filesize

    10.1MB

    MD5

    cf1cf69eb4d66aca7c3f3c914d96b654

    SHA1

    5c7eb1ef6b12850700429b023b82d971526ee6ee

    SHA256

    177318905f25ef02e1cdaeeedb6928dfbd764c68e9377acf822266673612c35a

    SHA512

    afb74a4664f5982ff95392e56d10d554f40ffcc390bf387f3ac11c37ca0fe1bfc074018b0114875c65afa3c37407f5ca09c556191ea367c674f5fc4f5e524263

    Download Submit

  • memory/3864-5-0x0000000010000000-0x000000001000B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/3864-7-0x00000000045B0000-0x00000000045E6000-memory.dmp

    Filesize

    216KB

    Download

  • memory/3864-8-0x0000000004740000-0x0000000004753000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3864-9-0x0000000010000000-0x000000001000B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/3864-10-0x00000000045B0000-0x00000000045E6000-memory.dmp

    Filesize

    216KB

    Download

  • memory/3864-11-0x0000000004740000-0x0000000004753000-memory.dmp

    Filesize

    76KB

    Download