23bad84536f1ef94c87ba2a1e200b9a5bd6090920715175ed19d1413276468db

Analysis

max time kernel
132s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 08:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

test.exe
Size

12.9MB
MD5

e46c418d5255120e38f6247e1e7ac53f
SHA1

4cb4ff59b4c70cf7a2f9db4e0f2a8cb1a7a7c6bf
SHA256

b0c5d558a765f6310b1235d7230358edddbb98ca3b3f4e09be0a644aa4ecb8e9
SHA512

eab3f14ac94e0b1beb074c41a3007c8e55c1dfe0818b469e9e739133e79b7e99573753feec5077dfade699b82009144817d500903c356dcc1eb44b03084cf14f
SSDEEP

6144:jKxQooikzqDSee+TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTc:2xQNiHSz1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral12/memory/2036-0-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral12/memory/2036-79-0x0000000000400000-0x0000000000423000-memory.dmp	upx

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout = 130000000000000000000000300000001400000016000000010000000007000080010000030000000103000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	test.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBarLayout = 110000005c00000000000000340000001f0000006e00000001000000a0060000a00f000005000000220400002600000002000000a1060000a00f000004000000a10000000f02000003000000a10200003b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	test.exe
Key created	\REGISTRY\USER\S-1-5-21-1815711207-1844170477-3539718864-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser	test.exe

C:\Users\Admin\AppData\Local\Temp\test.exe
"C:\Users\Admin\AppData\Local\Temp\test.exe"
1⤵
- Modifies Internet Explorer settings
PID:2036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\b.txt

Filesize
172B

MD5
54aeeca3aa6daa3d6ac9f3f0a579b7c7

SHA1
e4c4da9c1161f7e6b39ad0c256d21e06d1da5215

SHA256
56c08525cae56d2c103322a677dbfa8d5b4a9fb317bd59036f75cc692f157c17

SHA512
0a8c1586d0b36bb10e9108bc3208b0e86a88b214c34a7f4c5bcc083e7bbe2fc474ad2878c9fc42a07f3a2baafd376b38100ad0f76cac53707fa254bec02b2aa4

Download Submit
memory/2036-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2036-79-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download