Overview

overview

7

Static

static

7

093d0d01c6...fc.exe

windows7-x64

7

093d0d01c6...fc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 00:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    093d0d01c6187eacf34d4213014d88fc.exe

  • Size

    13KB

  • MD5

    093d0d01c6187eacf34d4213014d88fc

  • SHA1

    9b2df972af1d7731ad7235757131ffb8f654cf85

  • SHA256

    3b35745a6c23954456a1571d1df15ad13f17fed56b175a55f2652eaebea55045

  • SHA512

    54d4048c689b8cad8306dac66853911a08f82972505520bca15b3c0dfac0930c2067071397f0459948951805dbd3babf3698f2850da9b260f51f081bf12223ab

  • SSDEEP

    192:CS4gbgkAN4SJj+bfrJsUwv7E67Pwnr9ZCspE+TMwrRmK+vhOr+0Ta:CS4uI44aJ+7NbNeM4ml0Ta

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\093d0d01c6187eacf34d4213014d88fc.exe
    "C:\Users\Admin\AppData\Local\Temp\093d0d01c6187eacf34d4213014d88fc.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=43
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2424
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    064b776d7b2a0938110e3937d7812d32

    SHA1

    976a4da7700bd45357b0b9ea334045c188928880

    SHA256

    1a701385cca503c0d5b27e47411fa45591d862b9fce11b95b6ac9b0a30263baa

    SHA512

    989d8006917468c23b4cb2eaf930d002534caae701b96e760e71f49ced1fb2a133f8e631237c1c20ed74b72244dda5ba3ad5bbbf3f3e5e03bbdba48d2c5c1edf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8846e653dd65f5104740fd1c01979d04

    SHA1

    2b7e1ce8ed2b5efa19c224be881656b89f4fa29d

    SHA256

    05de7d5d34df5721dc0464dc1354e3ad195f308e2673f85b1a5b288e4c21d2ea

    SHA512

    cd381936676ef293699d1ed4a24284e17157bd05011650ca81c2062842146be9b23d1a25b46869fc2ee2ad348d558ccb18a27c59bc059b343a9c0a228e0229ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    373c698e0ba430cd28cc2efdbfee2637

    SHA1

    f8fd2c9fd643a395c5540e8ccce5d9408e2172cb

    SHA256

    20f50f67039b062294640ac7a6ae605cc8ee389c0bbac2ecb93272d0ddcbb3c4

    SHA512

    085d107aa3dd4c31ea7e55c637632d0bc324aae35b66d957e4107c32228a86629902b0b8f3ecb5a4d8516fc19bcc5040c7eb9420cfdde9a9bbfa130d4284dda0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2b1d665ddb97aa8bd146cbc0898337c

    SHA1

    8da5b652b60555589150fc1803c57ca2e9680a8e

    SHA256

    b668fd5a5313905891980fcb6d26042f6c846c0563d02678a78478d907885d26

    SHA512

    edd811cd4510c2738a3f9ad9adbd140893294dece4b4b581100402e13c3c9487bc264fe38478ed201c4667499a6858505e88a38882560391289696c3cc3a1051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28cd81abb89036d86ae95d2c0d452911

    SHA1

    cffc64644f874471712d9e0a5873415261da264c

    SHA256

    20839dd923cf19c785ed1f9f08ed607753c86baec8d1cc81ba5a534963ac3134

    SHA512

    993b2a658991c494fd5f5d37c62758d596a50452fef8b153bc963d2553476464d34349581e26fff89693d61ac3a23dae8aa741216f9a170bef1a3abae745bb29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daa4737d09d7be25073b375cfdd3de60

    SHA1

    1cbc03519678ce5feaede5ab1b1ba21e5313740c

    SHA256

    399e67b56cfc07ae8a68aac213aa4828c12b9f398de551cd7790686c76ac015a

    SHA512

    3a592fd8c6a271ba6640979e2a561d5c9e3810ab8b497c5f7c649edbb54d4f14145c7f594e9e303e9751917c20c7b65e308377155c104d8333d3fd9ccb4c6c1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce21f9040c2eb1430148cff858cdc6fb

    SHA1

    671ad8c25f8ead71a1f302758f6cf0bc2ebdec3a

    SHA256

    bed821567220c637342d7d7df68ca07de39ad573557f197484f01ce87c71fc30

    SHA512

    7b7ff668bc7e7fe2fbdcd9709c143365b47615f4bcfb7a5023b7b3d3253066149312c2b46046e461210314e0db2930b7afd28623d735074a8d1cc98e0e4e283b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47f74dec7978b306037ad4a605c0b636

    SHA1

    6cff94cf55947602d1abea330490d70e0c362022

    SHA256

    c79660cd8c57c2794b73d8e2c1115e45ad305527e1b3fe0718cb881f16c4ff0a

    SHA512

    f923510592ea98b461e427738587cd5c940fca098150703dbabb30b6445014ff234e475bccccf0d27192d3402dd839c28bb4a4c0400c25adccdb3d3dc5c94b93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    520e2f8c81f4f39d124ef86694f32d97

    SHA1

    809f4d679a658146b0a3abb34dbfbe560e0080c1

    SHA256

    34ff5c74e33603f009529977bf427a783b5d3935b6253bf3fb4f4a31d16de100

    SHA512

    bb483acfdb254fd933639d850cbf68cb3eee93dba4fae6da0e1ab66a075d6fb33e844563544f6abc75f49d373e292da2f932a5b72c39c5fef898bd70e8b30724

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    379b3ad24d182680e8bbbcd487965879

    SHA1

    0a8d74d9fea204f6118f2b5857a0f1c6d7dcadaa

    SHA256

    92cbb7b28244f46c404c271d9a7c8e97c408dfc9023362a917e0418b2fc7ad62

    SHA512

    472fe9fba5099db162da27b06af3d304b2ee6a87be588e15acddbfb56e134c510111e32cdcc98f5da3d644f00c95d548575bb6ea617387bb518e882596e999fe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7EC2.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar88A6.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2132-1-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2132-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download