Overview

overview

7

Static

static

7

133f48fd0b...79.exe

windows7-x64

7

133f48fd0b...79.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 08:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    133f48fd0b4a7552ad81ac7656bb0c79.exe

  • Size

    1.8MB

  • MD5

    133f48fd0b4a7552ad81ac7656bb0c79

  • SHA1

    df545ace3136fa824ce596814ca446c4c89c932c

  • SHA256

    e9fbca5cd6bfa7da1629186bfb8b306bf916b5354d78fcac23b441d4103f256c

  • SHA512

    b690b72a1c1d236cd6e8f530254e827ccd84d1dd32f1e757003c3b3a5dc5bd91b6ea9d8fe97cfbee587ccdd599599751aa603d6143a18dd7352b4fbc48cde409

  • SSDEEP

    24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxq9A:SCqm2Jpr0nNM7Dus7NxL

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 12 IoCs
  • UPX packed file 13 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\133f48fd0b4a7552ad81ac7656bb0c79.exe
    "C:\Users\Admin\AppData\Local\Temp\133f48fd0b4a7552ad81ac7656bb0c79.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Program Files directory
    PID:1672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\7-Zip\7-zip32.dll
    Filesize

    98KB

    MD5

    243a48f0aca74b1dbcab7281d4c36100

    SHA1

    90002c88bf31d92438239324393486cb582a9131

    SHA256

    1fdc986f8c2c61715646b9e813412a2dfe3e06b9a1af495b6169e8d02387d5da

    SHA512

    14f5979b99e2f1ed1060566a875a6d516caec15df4584e3e0b17d218d043d09f99e99ae56481aaa1f8599eb83bcebfe1c23d158a9cd050944ef857c735aa9c65

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    1.4MB

    MD5

    96cb457c0d6a1692666951151008c033

    SHA1

    452cdf6b84d8ec61c838a7559492cc7e88837082

    SHA256

    d295a1306b2f6214a4f9a379f546e34ec424ca6780783958b5a749e3365f81a9

    SHA512

    02a9dc74739aed447bb77d76f5dd571c05d1457f9070f646aae5cb83759720674ef1b0a545157ed86c186c7c1a98873ac41503cd5f8a40dbd0ddaa63de3bed19

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    1.1MB

    MD5

    891e18990cdbdd8635e4077576a4fc56

    SHA1

    e85258fb7aa7b2333ebc85e1e5f23959e6173426

    SHA256

    ca07d995d9e94d9fd9e456e126700b2f254921dc45e4d6ba9f1d7d64443797d6

    SHA512

    f58aeb04f79cc7af38e947fde57190420dca9622f3f1b9a420245ed695386ded812b513a078840b5ac3a9faf3ddde43671bd31e64881184391e0f026e0c35bf3

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    1.4MB

    MD5

    68e17537efc9a066d4fa2e03d7fdcfb7

    SHA1

    1c6ac66fffeef1b17ac1c5146e36329a192101e5

    SHA256

    493e90e42eecf50954f4b859e93622e88210ac9cd881600258e19e5588e70935

    SHA512

    b3f38e78bb4cd2557a915dabeefbe4d87e0928f886ff7ebfb688e3e227716aa083f6116a36151cf3b49ba311bafc19e0105a4552042498b164c361946a93dfcf

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    894KB

    MD5

    45f1137fcbc2ee338290407120d46a11

    SHA1

    966e822d1f7e53f29d6b608c2b1d1d67c2e735c0

    SHA256

    2c8cd82524936b5ac544a53d3604d5706313027de4a599a69e9b66fb8b1d155f

    SHA512

    7fed0b6104361a201c2fb8b6c832d519b0309795933972baf80e603f487e4c2b85abd364b159de50d869540df6b0e9227afbbed6cd69872e7cf30052d41ebb39

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    893KB

    MD5

    783e1270d52c78318a90f78de5375b3c

    SHA1

    81097ec182d483d53f56f14b75722d9603edc227

    SHA256

    69644f592b7306f73418b438625af53ba11d3c3f12227e21802e60e2591bfd1c

    SHA512

    a67a8897ac5a5ac5b097d65cabcdfa6a7aefb45af1d64dcfa190ad3cc6e7a7f0e217bcc6f7f429c7edb1fa1e7e9dec47b4f878afccde7d383b64bac3758323db

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    93KB

    MD5

    bfc8d6625a3f87155f8c049e04b2ea82

    SHA1

    50ba8fc18dd33697a2d33ded925903140df87a6c

    SHA256

    08050be4c72ae4b6bc75da4a9c68d1bdd4dcc7c6f500b85b2d70d1350fb93f3b

    SHA512

    72856e025e5ca2670be1d0f11ce210ef3f0f60af92c9e11d9312b7fd2e0148e76ea4b865a2579219e3820bb43f1649000f26485685ceb7d3ac76a427b3052e23

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    381KB

    MD5

    2e6c5fa5421dc2472b426f9e20bb1a8d

    SHA1

    858ea62ed936482d0139a2a9f72f6471efb52c02

    SHA256

    cc29fe4d92038da803cb7fb2b12fd66ed619f330a923a3ff4914cd1c37061ed9

    SHA512

    1801fe226fe479c26e616e68d0f0b460565e81fc47485baf376f54c32c9e761b39dee0958b198be68a6b4388afd12e29070196f54475c8821831f0b6c6ac407f

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    92KB

    MD5

    94d0a59e3e1f8034cf928876b525b2e7

    SHA1

    30600a6adaa67b9869a92bdcd1fa14b38632e150

    SHA256

    ed4e1966cd563d7725bc4d87fc6c03e4f2c170a015dc364b4ab9dbe923de852c

    SHA512

    42d76e865408a314eac1a5158ec5b09058b07b0672ae4850e495ab029b40115e52037bd0248ddf546139aee00a78b442dbee2b5e56bf5653c42d45a5d64271bf

    Download Submit

  • memory/1672-0-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1672-5491-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1672-13435-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download