Overview

overview

7

Static

static

7

288423b2b6...71.exe

windows7-x64

7

288423b2b6...71.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    97s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-12-2023 15:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    288423b2b674313dff26e9b51941e771.exe

  • Size

    1.8MB

  • MD5

    288423b2b674313dff26e9b51941e771

  • SHA1

    de92e00fdae6fd73c1140d45df5dfb647f49f411

  • SHA256

    31fd6611b1e928487146922472db87b5ff2dfff4a2aa9c4509d5ad975560f81a

  • SHA512

    dea6b39b56c7b83cc77a0e037e366df23f561dbafb08cc8a9505701b0bd7feb68c007296a2b5bc7f14065e510c8d160b329504d8d6e8f5e422f601fc1c00d5af

  • SSDEEP

    24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqX:SCqm2Jpr0nNM7Dus7Nxq

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 12 IoCs
  • UPX packed file 16 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\288423b2b674313dff26e9b51941e771.exe
    "C:\Users\Admin\AppData\Local\Temp\288423b2b674313dff26e9b51941e771.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Program Files directory
    PID:4592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\7-Zip\7-zip32.dll
    Filesize

    77KB

    MD5

    3e9b1b1d854336809f6a5300baaaec6e

    SHA1

    c50a57ebecd58359766a12606a7405438a5f7ec8

    SHA256

    4c75ef54ca11f78ea5bdee7cf6f2c7f7b865ca01923134d8b5452e833c9e79ef

    SHA512

    9612b9b28bac1ed0bd11783f77df3a5fc19f342bc18452ed9fea465b0d1de677ed903678bf3c98001996650c8ebd85ea250707f016b15aaa97dece39f97b6bf3

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    122KB

    MD5

    15ecedb7d8d842991d1040afbd153634

    SHA1

    736ee235d85f9b2a270ab3d5633143d423520659

    SHA256

    c5bf30f8afcc431bcb17a55ba858caac65cebf826a56678f015c084ead8a3c65

    SHA512

    f43a837684115491f14f6bab9f61e16c26ddc63084286e8235778289cb5943a6ead24e6eb8246bbaa7be45a17da96ebe4e7e849985c9cf9683c0e098a5ea547b

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    68KB

    MD5

    c92dc8b31bd00859b3e5b8d4baead987

    SHA1

    0f7eef7a7e0d2243eb59f7ee1e5a360b9ce9eee1

    SHA256

    1bfabc1e012ee8b52963cb31d9b82f01e31126241d5a0666bca7038569fdff2a

    SHA512

    1604d916ec3ee5f9cac4647ef232305848640941fef959596c0c545e5babce67b4373bf8dba1cf881804ce096a81100988fc2e845033c2b24a4d20008a647673

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    38KB

    MD5

    2b44449fb85f836d8839e93b35140186

    SHA1

    20a367d5f6d0ba18fca1138d70abaa3ec220dccb

    SHA256

    15c8f078788d273cd85ac5a5e2f9dd00b0214eebce55998f1d1b35b3b3deaf76

    SHA512

    146acc3655b80d95090588e3713e775d5aa9d799b9e88d85b999477425ee0bd19e5457a1107c32a8ebfb29591cacbcfa6cfc292766dc53b1ac806947efd00fc0

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    76KB

    MD5

    042906c2bbf27d1b97460157c5af7145

    SHA1

    f661fc9e422bca84a5e612bd1d8235effa795f55

    SHA256

    e6424e16389bac8a279b95560431180cd8e2059b60252372fe1fcd078edb3bdd

    SHA512

    d9d2516012c654b02920b32b656586e8317b7797c56df6cada58446564c6122581f05e47e0ebb71226d18492c793eb203d154ba0599c86a87b5e6d54df8b7f05

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    53KB

    MD5

    bc55963a2a2e02cc1e581640d762cfd6

    SHA1

    03e2b4d27f3a3b7da811ca92eb37e0c1784d2d16

    SHA256

    b33aa3b8d19412909fdef4e7491e7273379a4c1d20cf68ad3826fbde32061ba8

    SHA512

    a27e805beb0413226d54a16f4d1e234f8bc1ebdea1a8b2ae33b692285af8ff201ba9af89b336d7291e59b9eb11c07ed7da21b4c44f419974dfc1afd4b5074031

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    84KB

    MD5

    a275c678bac7aea4ec3c63ef7eef16c6

    SHA1

    27bfc1a382a620ef3cda4b5c4b0abd48a35b1398

    SHA256

    f39897df8222d0f3ee72fab499bbce2da2fb5c9b6a2a03e6b395e2c8c3ff7faf

    SHA512

    fbd2ca7aa9c895974cf3ebb489c7e13c054d2504fe2fa13727744f7a93ceacbdd8dd11622c396cebb1e79376fb9563f5f645e097e03cfbc40c694a894fea905a

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    48KB

    MD5

    6a93f0f41b07e9eddd29c40e84692a3d

    SHA1

    5a5d839b10626d1955e2280b4a782d53234ec495

    SHA256

    f4622da650e738a02ae5dc4f2de11069921818221d2a8f96a8b1a5829d3e9f86

    SHA512

    1d5aeec8287fe0a4f9afaf9a958185171bf2a2ba16347fc4bc90f943fffbc98bbe8c1a6fb4def6af9baa6c6be0466c8bd0c517428d8a94a109e9d5208e73e4c6

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    48KB

    MD5

    fa7b5cf608d529c104886c872ef0a880

    SHA1

    2a626b54796195e1073bc9af232c5469cfcfc05d

    SHA256

    68c09f7cb741d64e4f4232a6574a141c7abbce1ca4270363243d21edc9b6ca54

    SHA512

    833f610f96e7c03214fa8c7c5262aa16505959870ef338bec45e8dbf488d520974996bf7f043c75180a9756889639f5c723df09300f7749cf96a98b20e532adc

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    49KB

    MD5

    4e4118f261a9ef5a96e5309c2256c8da

    SHA1

    4db31decfbc95ab02722f1996705c014dfd15a13

    SHA256

    a6ffa35ebab603db865d6c61b569ccc4643fc592fbb4b318e167776666c1efa5

    SHA512

    4839e6fb17df4716bed278bbb1c89022cbc2fcdc9bd5d8ae9c60bde430f1d5df3bf5d8c17a64a35c57af3036931dad7f0ff9dac6e11c8d6bc3d07f2e0ff7fe7d

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    64KB

    MD5

    e0a5a5e78ce315bd61620ec8cda04265

    SHA1

    95b6e664502e4c54b0dc6240b36bed817e2b5e63

    SHA256

    741e60c8323046cee7b3b6240c5649309d84cf670ce28cc3c3e011846de4c373

    SHA512

    8d4925a2fc3a5b325a4071e20d71b3961321b38eb5b9fb51a927f380f8cba440583150e236dc50fd1d7f9e31778737bfffad11d3629d930ebd0d7de325328ca0

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    46KB

    MD5

    b855301e4bf4fecc1f8554689c76bac6

    SHA1

    0a7a346ced6f78ecc4b0c653372f757c8d13259c

    SHA256

    6e927595bd445eae31ce7011d710471f9f9d638767c25e28675d87eb9cb50fc4

    SHA512

    87368101949ec8d74c2392121b3522c26d0df054bee9e3c6a27a4d77e1084c95cb1a910d287e16a3f87e969f8888a8e778ed135c65e1a3b67b9ec0bc0a8e320e

    Download Submit

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
    Filesize

    40KB

    MD5

    f09dc5bb448ba7a2522716603108f72f

    SHA1

    c54919ff9c08dce129ee351d483013ab1ac42bb5

    SHA256

    494a4472f280a1849e4314a46d581a0f4d74e4c6a264da73397c3abfc9d79a65

    SHA512

    36292f7fabc531b2291192aa372ac66cd788ced7016f8a4f519b1a572ceb186761aca4e716344e5e83adc800ab5afab970219988d31d4925f8d30c8bef603870

    Download Submit

  • memory/4592-0-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4592-6143-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4592-13393-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download