a335fecf157a32161ced904d9e61f2dcfe2be6ff9b8eaaf0b01ac9df17730234

Analysis

max time kernel
197s
max time network
221s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 10:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

67f83a22554187e8f136a2600ec264d2.exe
Size

2.8MB
MD5

67f83a22554187e8f136a2600ec264d2
SHA1

39b37c494257dd6c8e50ed7b0fd1471b4b5a78b5
SHA256

a335fecf157a32161ced904d9e61f2dcfe2be6ff9b8eaaf0b01ac9df17730234
SHA512

1969f18e7f2bdf3362ff609a979ca2b37f20e391d7bde5c3f622b02d085eecda015c1aa416c0d81373922858a28db90d42a6719f1fe94fc51d1bafbf4bb4d1a5
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV911:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0nJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4304-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral2/files/0x0002000000022794-5.dat	upx
behavioral2/memory/4304-15-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops file in Program Files directory 59 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\co.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\el.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ar.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bn.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\History.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\History.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\en.ttt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eo.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7z.sfx.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7zCon.sfx.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\el.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\es.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7-zip32.dll	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7zCon.sfx	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\az.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\be.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7-zip32.dll.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7zG.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\af.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\en.ttt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7z.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\da.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\eo.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7z.exe.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\cy.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7-zip.dll.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ba.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ca.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ast.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\be.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7z.sfx	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7zFM.exe.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\an.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7z.dll.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bg.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\ca.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7zG.exe.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\br.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.chm	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\bn.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\7-zip.chm.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\cs.txt	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\cy.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\cs.txt.exe	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\Lang\de.txt	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.dll	67f83a22554187e8f136a2600ec264d2.exe
File opened for modification	C:\Program Files\7-Zip\7z.dll	67f83a22554187e8f136a2600ec264d2.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.exe	67f83a22554187e8f136a2600ec264d2.exe

C:\Users\Admin\AppData\Local\Temp\67f83a22554187e8f136a2600ec264d2.exe
"C:\Users\Admin\AppData\Local\Temp\67f83a22554187e8f136a2600ec264d2.exe"
1⤵
- Drops file in Program Files directory
PID:4304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll

Filesize
2.8MB

MD5
8c8a666f91fac25c7d3c0ab040954e33

SHA1
550035076e2ccf6c90d72dd97ddf836389b9f4d0

SHA256
7c58a233f1343584cd8481e7025dcd3f496101a44514295883b53e3cd6ddbddd

SHA512
db960edef4af343af97e3ab2b1fb0d469b06d5ee2cfe32143837f32c0ff9951264984394dbb22317b8be1c4dd39cf26ad35e6ee10f8d6c8c88de810d82c9c185

Download Submit
memory/4304-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/4304-15-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads