Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23/12/2023, 14:09

General

  • Target

    67dcf41c2dd2e6f3b33501435fd388d451c328adbf12f5826efc65fa7cbee53e.exe

  • Size

    14.6MB

  • MD5

    c6653a5e82a9fd9864389b43eec30bef

  • SHA1

    759f577cd632491de1bf860738f7ba16240a874a

  • SHA256

    67dcf41c2dd2e6f3b33501435fd388d451c328adbf12f5826efc65fa7cbee53e

  • SHA512

    d868ff2d57a8246d64b8daabf36c955f3df07a73628ae9adfa1d1426e74dcc79cc4903598cc77c99fcbbf6722a51abba569f0497310fe5ab4e91936daa881a6d

  • SSDEEP

    393216:7ChEgRpcSDobY3KfDImfQOERvz+vTrG9gLP/ojd:7CwSDtTuQnRb0TrhLojd

Score
7/10

Malware Config

Signatures

  • UPX packed file 24 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • VMProtect packed file 2 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\67dcf41c2dd2e6f3b33501435fd388d451c328adbf12f5826efc65fa7cbee53e.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\67dcf41c2dd2e6f3b33501435fd388d451c328adbf12f5826efc65fa7cbee53e.exe"
    PID: 5036
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx

Network


Downloads

  • memory/5036-0-0x0000000002000000-0x0000000002001000-memory.dmp (Filesize: 4KB)
  • memory/5036-1-0x0000000002460000-0x0000000002461000-memory.dmp (Filesize: 4KB)
  • memory/5036-2-0x0000000002470000-0x0000000002471000-memory.dmp (Filesize: 4KB)
  • memory/5036-5-0x00000000024C0000-0x00000000024C1000-memory.dmp (Filesize: 4KB)
  • memory/5036-6-0x00000000024D0000-0x00000000024D1000-memory.dmp (Filesize: 4KB)
  • memory/5036-4-0x00000000024B0000-0x00000000024B1000-memory.dmp (Filesize: 4KB)
  • memory/5036-3-0x0000000000400000-0x0000000001E87000-memory.dmp (Filesize: 26.5MB)
  • memory/5036-8-0x00000000024E0000-0x00000000024E1000-memory.dmp (Filesize: 4KB)
  • memory/5036-13-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-21-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-35-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-45-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-48-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-53-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-55-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-58-0x0000000000400000-0x0000000001E87000-memory.dmp (Filesize: 26.5MB)
  • memory/5036-57-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-51-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-43-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-41-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-39-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-37-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-33-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-31-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-29-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-27-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-25-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-23-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-19-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-17-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-15-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-12-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-59-0x0000000010000000-0x000000001003E000-memory.dmp (Filesize: 248KB)
  • memory/5036-61-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-60-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-62-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-64-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-63-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-65-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-67-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-66-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-69-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-68-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-70-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-72-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-71-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-73-0x0000000005940000-0x0000000005941000-memory.dmp (Filesize: 4KB)
  • memory/5036-74-0x00000000059A0000-0x00000000059A1000-memory.dmp (Filesize: 4KB)
  • memory/5036-84-0x00000000059A0000-0x00000000059A1000-memory.dmp (Filesize: 4KB)