4fc97be702bceaa70d2cd358259c83520fd806c0bd89d1e3bf2e7613f7589c9b | Triage

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 21:38 UTC

Sharing

Report Analysis Logs

General

Target

1d40a51ad9be884481bc988d035fadd0.exe
Size

11KB
MD5

1d40a51ad9be884481bc988d035fadd0
SHA1

b6e1e44d25fcaf8d0b761be6f748ff446fa7cf55
SHA256

4fc97be702bceaa70d2cd358259c83520fd806c0bd89d1e3bf2e7613f7589c9b
SHA512

c68347fc0c2adb27184ae6b72b02aee39e58b611c072cabf345bdd3d2ddb0bedcff28c25421764c58aa4dade513135e8eafb9acfd54f12de274b0614018a4a9e
SSDEEP

192:X6RJoaOC3XRceBLgSXcKnUE0vlJlLiNmzNOFz5XCT2Nc:X5CXRXsAT0t/OFz5wWc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2088-0-0x0000000000400000-0x0000000000414000-memory.dmp	upx
behavioral1/memory/2088-1-0x0000000000400000-0x0000000000414000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\1d40a51ad9be884481bc988d035fadd0.exe
"C:\Users\Admin\AppData\Local\Temp\1d40a51ad9be884481bc988d035fadd0.exe"
1⤵
PID:2088

Network

DNS

kevinmitnick.mail15.su

1d40a51ad9be884481bc988d035fadd0.exe

Remote address:

8.8.8.8:53

Request

kevinmitnick.mail15.su

IN A

Response

No results found

8.8.8.8:53

kevinmitnick.mail15.su

dns

1d40a51ad9be884481bc988d035fadd0.exe

68 B
68 B
1
1

DNS Request

kevinmitnick.mail15.su

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2088-0-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2088-1-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download