Overview

overview

7

Static

static

3

10f47141fe...95.exe

windows7-x64

7

10f47141fe...95.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    153s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 08:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    10f47141fe7ad3641a59f6478aa00495.exe

  • Size

    3.3MB

  • MD5

    10f47141fe7ad3641a59f6478aa00495

  • SHA1

    f1fab03433db1fe7706ddfbd10ee7f9b9a68432f

  • SHA256

    77fe5129c7c1f2c7f2915b859d3d0199a47f4c7114ef92ce97c4743d57f4cd36

  • SHA512

    c71cc7478435c83b970b0ec45328671b941d773120b4a9a5c6b300d15dfcab05fbd002692c6d75643c8c8de2a6c71f406039402ba006e589a8bc0b2d6efc3952

  • SSDEEP

    49152:CZIp533Q3FTvWS7g/Y2EUaOstu7T7tu7Ftu7ktu7d:lp534FyigL/aftu7/tu7Ftu7ktu7d

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 33 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\10f47141fe7ad3641a59f6478aa00495.exe
    "C:\Users\Admin\AppData\Local\Temp\10f47141fe7ad3641a59f6478aa00495.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\windows\cccc2.dat
      C:\windows\cccc2.dat
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\cccc2.dat
    Filesize

    13KB

    MD5

    7306d7ade292d213b5973c0bf11ea541

    SHA1

    7be09b659e322b36656af2c3b828f508cf297d45

    SHA256

    5bb79f64b763b8b23d9e264a42bff7f0d2b4e3fb9c522ef7a97cd1cc9d029f29

    SHA512

    88d275c4b89023a7c58e9edce49dcea5df86dab66b95ae1e9d64ef8085f76bcc853a79c752f8fa785f828ef21e8fba5bfd931e1e7cd6b76d4c7541daa92e8f37

    Download Submit

  • memory/2556-79-0x0000000000400000-0x000000000040D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2556-75-0x0000000000400000-0x000000000040D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2556-61-0x0000000000400000-0x000000000040D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2892-30-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-38-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-9-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-13-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-11-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-17-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-15-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-20-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-28-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-26-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-32-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-34-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-0-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-24-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-22-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-6-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-40-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-36-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-48-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-46-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-44-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-42-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-49-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-50-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-5-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-56-0x0000000004230000-0x000000000423D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2892-4-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-2-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download

  • memory/2892-76-0x0000000004230000-0x000000000423D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2892-3-0x0000000010000000-0x000000001003D000-memory.dmp

    Filesize

    244KB

    Download