Overview

overview

7

Static

static

3

94979cccfe...d3.exe

windows7-x64

7

94979cccfe...d3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/11/2023, 13:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    94979cccfeb0c6e34c50d3e65cd73072b822c3b43b21fc2181c4d883a63930d3.exe

  • Size

    3.9MB

  • MD5

    3ab3559c94789ea6b991d79ca9fd038f

  • SHA1

    50da580ac25f13a3a8d2ad96b7f3ea71f2aa0fab

  • SHA256

    94979cccfeb0c6e34c50d3e65cd73072b822c3b43b21fc2181c4d883a63930d3

  • SHA512

    a521cacf6d821ea7140991631af46c5ab223c7d1db17e316ad4a2463ce1ebb186cbd677a25ceb758289f7208abfe20a3d52042a70d9329b7d2a3b86efe16905a

  • SSDEEP

    98304:niX8H1Ztj6NJRxHNyy+4cchP9fgQsHGVVZszx7nc0qe+lBodjOHJ7wDqSyyZaFpi:niX8H136NJRxHNyy+4cchP9fgQsHGVVA

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 27 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of AdjustPrivilegeToken 49 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\94979cccfeb0c6e34c50d3e65cd73072b822c3b43b21fc2181c4d883a63930d3.exe
    "C:\Users\Admin\AppData\Local\Temp\94979cccfeb0c6e34c50d3e65cd73072b822c3b43b21fc2181c4d883a63930d3.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:5044

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/5044-0-0x0000000010000000-0x000000001003C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5044-7-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-9-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-10-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-11-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-12-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-13-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-15-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-17-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-19-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-21-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-23-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-25-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-27-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-30-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-32-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-34-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-37-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-40-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-42-0x0000000010000000-0x000000001003C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5044-44-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-46-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-48-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-51-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-53-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-56-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-58-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-60-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/5044-61-0x0000000002860000-0x000000000289E000-memory.dmp

          Filesize

          248KB

          Download