Overview

overview

7

Static

static

7

5b54842073...57.exe

windows7-x64

7

5b54842073...57.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    88s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-12-2023 07:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b548420731339e412477b228fdc1457.exe

  • Size

    1.6MB

  • MD5

    5b548420731339e412477b228fdc1457

  • SHA1

    4b0c38287f8f75092f37a63fce10f89edb57d7bc

  • SHA256

    1135760347ee73a487e431146362747b0e02683924056c0404cdbe8c27b94e5f

  • SHA512

    86b939f81577146135418b9c6e9d574dedde41482fdacc7aa83dbca70a500aeabf01c95917cb8f9d25b1f07feae8d3bedcf5a9906bbc85b3f8f393eec964f75a

  • SSDEEP

    24576:t54AuPJFs8zCLf0KcrH9T1zq1lm30+03LuT7gkxTn6V/UoSo11fpUJXs3GUnCN1V:jirdCz0KcrzL07FkQeofWJQobcBPDX

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b548420731339e412477b228fdc1457.exe
    "C:\Users\Admin\AppData\Local\Temp\5b548420731339e412477b228fdc1457.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3504-0-0x0000000000400000-0x0000000000900000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/3504-1-0x0000000000F10000-0x0000000000F11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3504-2-0x0000000000400000-0x0000000000900000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/3504-4-0x0000000000F10000-0x0000000000F11000-memory.dmp

    Filesize

    4KB

    Download