Overview

overview

7

Static

static

7

06b31ea7b3...25.exe

windows7-x64

7

06b31ea7b3...25.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 23:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    06b31ea7b3ef199210937db218b59325.exe

  • Size

    2.7MB

  • MD5

    06b31ea7b3ef199210937db218b59325

  • SHA1

    b1952fda0179710adb82b70a44e7ad004e074b90

  • SHA256

    51089d078f867ad4311c2fb0101b141e93ffd3370ec0a6324ff35bd9e36a8922

  • SHA512

    cfa1098aa3b1b0b604075d8e5c8a41b3f7f253b7723a855ba60d0f007592f0a8da7a4cb0ebf4fd3aeb884ed69d1de0a3193b994dd5eecec7d7920d90698b8d9f

  • SSDEEP

    49152:59bEXCkjVogC4NUKTjwYgfawN74NH5HUyNRcUsCVOzetdZk:zbEXCkpom3MYw4HBUCczzMO

Score
7/10
upx

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06b31ea7b3ef199210937db218b59325.exe
    "C:\Users\Admin\AppData\Local\Temp\06b31ea7b3ef199210937db218b59325.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Users\Admin\AppData\Local\Temp\06b31ea7b3ef199210937db218b59325.exe
      C:\Users\Admin\AppData\Local\Temp\06b31ea7b3ef199210937db218b59325.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2068

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\06b31ea7b3ef199210937db218b59325.exe
          Filesize

          2.7MB

          MD5

          03b1b680159c1dc8acd89a2147b97abb

          SHA1

          de352bfb8ca6adf0f0ef18aaa30a7aa34a813419

          SHA256

          6ccae4c7c6c2c3d0bda29acdc3e7c880de0dd27aaf3d76dd473325ccd4a0f907

          SHA512

          b75f28ad3e0973ebcdb26d869984c8c435ac7dfc23379e7d4bca47ce62ba9b19f0432a56a69eb4ffff64ab0dbd382a08903dc52f9b0d35ec95521efaf084bf0d

          Download Submit

        • memory/2068-16-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2068-17-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2068-19-0x00000000002B0000-0x00000000003E3000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2068-23-0x0000000000400000-0x000000000061D000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/2068-25-0x00000000032D0000-0x00000000034FA000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2068-32-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2224-2-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2224-1-0x0000000000130000-0x0000000000263000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2224-15-0x0000000003760000-0x0000000003C4F000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2224-13-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2224-0-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2224-31-0x0000000003760000-0x0000000003C4F000-memory.dmp

          Filesize

          4.9MB

          Download