Overview

overview

7

Static

static

3

282965a168...35.exe

windows7-x64

7

282965a168...35.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23/11/2023, 04:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    282965a1680cb0ca2ca28ae0979f61a6051a29ee0b358b67d3b9a979e4691935.exe

  • Size

    540KB

  • MD5

    edb019df7e0fae9326b3864819447e8e

  • SHA1

    4ded0d9e87340c11007a40903a3dd94db8ba1d7c

  • SHA256

    282965a1680cb0ca2ca28ae0979f61a6051a29ee0b358b67d3b9a979e4691935

  • SHA512

    2949efc0c250abdafd826cdfdfa0f8c84bb2f4a5f4de2948d439e23ecc0e9bad03edb5053fe316c7abfec1266b56bbee3bac1750498d3e90e5d60563d00970b3

  • SSDEEP

    12288:3GFmqIrdk3QpwU5+7ferUyHctGhgDxna1Jk4CcZXOE:WCrCgwU5Ofe4yHT+Dxank41

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\282965a1680cb0ca2ca28ae0979f61a6051a29ee0b358b67d3b9a979e4691935.exe
    "C:\Users\Admin\AppData\Local\Temp\282965a1680cb0ca2ca28ae0979f61a6051a29ee0b358b67d3b9a979e4691935.exe"
    1⤵
    • Loads dropped DLL
    PID:2088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ZtGbQV79wDUgUMgm.dll
    Filesize

    50KB

    MD5

    531ba14ecaf329ba03a3c999ebd8ea55

    SHA1

    353dfeb54480a9dd9dfcab5ca23688c677b46816

    SHA256

    8f00b2c26728247fbee27ad5979f611adb1098f1acd2c15917c37666616fdcad

    SHA512

    fe817ac30ebf42b253e5f9b78e5ec884c49e01e1768500e60148c36ea026ed70b7953cbb6aaf5fb272e8b981743f3cbec0d49bce5f829d0db416b3e8ae4e3e0f

    Download Submit

  • memory/2088-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2088-4-0x0000000000260000-0x0000000000285000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2088-5-0x0000000000400000-0x0000000000491000-memory.dmp

    Filesize

    580KB

    Download

  • memory/2088-6-0x0000000000260000-0x0000000000285000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2088-9-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download