Analysis

  • max time kernel
    142s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-11-2023 19:01

General

  • Target

    fbf80eb90f6365d51e0aeb48be77b0ab5ef7d93d0f006ecb02fec1190dea5c83.exe

  • Size

    1.7MB

  • MD5

    6af34949ecf6311da62c51a20bed7d8a

  • SHA1

    3ad6ae963e116c7872924b2d81621f45560ef14a

  • SHA256

    fbf80eb90f6365d51e0aeb48be77b0ab5ef7d93d0f006ecb02fec1190dea5c83

  • SHA512

    f7246e14096693761fb746075f63edc6b2ab79cafd5205908e08ad4db0592616029b556802b29fdf2b04ec6b2258595f6313678d29f39e5d42512e698f3e9225

  • SSDEEP

    49152:50zuxbNwycAJJRu7ZURaMMulbkuMY4kCwNQs:au9m2JkZqkulbkkCw

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 28 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in System32 directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fbf80eb90f6365d51e0aeb48be77b0ab5ef7d93d0f006ecb02fec1190dea5c83.exe
    "C:\Users\Admin\AppData\Local\Temp\fbf80eb90f6365d51e0aeb48be77b0ab5ef7d93d0f006ecb02fec1190dea5c83.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2180

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2180-0-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-1-0x0000000000230000-0x0000000000233000-memory.dmp (Filesize 12KB)
  • memory/2180-2-0x00000000023E0000-0x000000000249B000-memory.dmp (Filesize 748KB)
  • memory/2180-6-0x00000000023E0000-0x000000000249B000-memory.dmp (Filesize 748KB)
  • memory/2180-7-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-9-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-11-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-12-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-13-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-10-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-20-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-18-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-23-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-16-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-28-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-32-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-38-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-42-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-40-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-36-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-34-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-44-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-30-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-25-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-53-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-51-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-49-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-47-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-55-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-58-0x00000000023E0000-0x000000000249B000-memory.dmp (Filesize 748KB)
  • memory/2180-57-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-59-0x00000000023E0000-0x000000000249B000-memory.dmp (Filesize 748KB)
  • memory/2180-60-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-61-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize 248KB)
  • memory/2180-62-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-63-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-64-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-65-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-66-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-67-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-68-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-69-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-70-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-71-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-72-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-73-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-74-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)
  • memory/2180-75-0x0000000000400000-0x00000000006E9000-memory.dmp (Filesize 2.9MB)