f958291a8108d3b3a40b69fefc163aec33b923609f775bd204d1d9193fce17ca

Analysis

max time kernel
0s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 08:18

Target

5f3144d93219d31f09fee8b13a45f4bd.exe
Size

630KB
MD5

5f3144d93219d31f09fee8b13a45f4bd
SHA1

73f239fd7df794702936496e054635566ae4d934
SHA256

f958291a8108d3b3a40b69fefc163aec33b923609f775bd204d1d9193fce17ca
SHA512

775ef67048cc6e9f64a439a9a1d5f12f0a9fa6e4cdd40c2fd023066eade17928521505d9502a6e4cf526a1866a031b0ec6285ae4c8d2419da4a9e0dbd682dcfa
SSDEEP

12288:ZZirrR8cEju21x9Kk9C47FMUwnVbk8Xe533sUP8FvTspNIge2x2RAUHf9HFq:ZZOObuEMWzMtV/w33IFvTqeLlq

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2336-0-0x0000000000400000-0x0000000000595000-memory.dmp	upx
behavioral1/memory/2336-74-0x0000000000400000-0x0000000000595000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2336	5f3144d93219d31f09fee8b13a45f4bd.exe

C:\Users\Admin\AppData\Local\Temp\5f3144d93219d31f09fee8b13a45f4bd.exe
"C:\Users\Admin\AppData\Local\Temp\5f3144d93219d31f09fee8b13a45f4bd.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2336

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

C:\Users\Admin\AppData\Local\Temp\mediaget-installer-tmp\index.html

Filesize
11KB

MD5
4c5df04eb8ce6ba4a227e75f6ff24d46

SHA1
ab95756d2ef78c93b45b9b9d0750d41b35715387

SHA256
eee548c1c111a38fc007d2a894b8b74729a425ad39130fc29c00d09d051f70f7

SHA512
25d48f6ce85e6e34b5c060b196a32a5a3ded17c3c874f40755198fe4be6b2e484274ac725bb70a72756e42ca73170fab422cbd6e8db24e591c3c3b52d3f690a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\mediaget-installer-tmp\js\jquery.min.1.6.4.js

Filesize
89KB

MD5
219073097031d9c1a95a1291d66f3a10

SHA1
2b7996b01d90b7f424f2a2e6063947461db4b2b2

SHA256
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef

SHA512
9ad2745f96cf79a4d59393cc3fbb3958b244013f6798c12abe41e37fca80df3c7cedab4b47cbd197645c86b31077388ec8f01ea8d67c5feacbef95b1ae7582b5

Download Submit
memory/2336-0-0x0000000000400000-0x0000000000595000-memory.dmp

Filesize
1.6MB

Download
memory/2336-1-0x0000000004180000-0x0000000004181000-memory.dmp

Filesize
4KB

Download
memory/2336-74-0x0000000000400000-0x0000000000595000-memory.dmp

Filesize
1.6MB

Download