Overview

overview

7

Static

static

7

2bdb8e3685...2d.exe

windows7-x64

7

2bdb8e3685...2d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    159s
  • max time network
    240s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 16:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2bdb8e3685ee848c0327d6a10052e42d.exe

  • Size

    42KB

  • MD5

    2bdb8e3685ee848c0327d6a10052e42d

  • SHA1

    b6d33c3a6e9c2d1455277e60bb1d27b4d1051468

  • SHA256

    e13b99656911ab14798951298ed244a8776bdf0d8b9d27ff70546ae8394b79f9

  • SHA512

    f1baa1127d0e31cca6e9c88521e17e8393978f82bb9aaae0240cd4404fb2534779bd904b920a9431c9f2183e36e603ca917fb18bd7b1dfcac62fc50f77f6109d

  • SSDEEP

    768:JMHExfpdfohQEI/ctS09eqIXr1iAL2O8GsULdyJe2SVR:Jkgfroez/c0keqohio2OCNJeJ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2bdb8e3685ee848c0327d6a10052e42d.exe
    "C:\Users\Admin\AppData\Local\Temp\2bdb8e3685ee848c0327d6a10052e42d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:560
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Genuine.bat""
      2⤵
        PID:3024

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\Genuine.bat
            Filesize

            340B

            MD5

            e8335ff584fa36a1937a3f520689cabe

            SHA1

            4019add00c1230ca7f08ab034ffb8fbd629781aa

            SHA256

            3ddf09508d395dbd29603b00d4acae55cc17ce5bef16e943619e20b6e912eb93

            SHA512

            98880043103a570ba6c7f51d77d1c911cedd62a0ba72ca9236e0350f8de8538557b3a9da29462ceee80bea2c17c48a7f24931c9382bd3ec7e444a30322b9893a

            Download Submit

          • memory/560-0-0x0000000000400000-0x0000000000424000-memory.dmp

            Filesize

            144KB

            Download

          • memory/560-4-0x0000000000400000-0x0000000000424000-memory.dmp

            Filesize

            144KB

            Download