Overview

overview

7

Static

static

7

0ec81ea182...2b.exe

windows7-x64

7

0ec81ea182...2b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 04:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0ec81ea18219f43132b6c42447af582b.exe

  • Size

    24KB

  • MD5

    0ec81ea18219f43132b6c42447af582b

  • SHA1

    14f66a0fca73c1cb15760ec81b422a20f49a478a

  • SHA256

    ad8493c72a01dd61312f0b17822fa425ed6794a25a3a8acd77d9afcf0b0c62dd

  • SHA512

    010690a27e309c6260de93f4949f98e4082410a872eb32d64696ea0f42d82278410a0f550c41ab127b360db3c8022c3893325862aa01bc260195508bd9d4ad9a

  • SSDEEP

    768:xFP4gpQBstdr/NDFo0rmxddS/G5nTIhOL:xFPKsEvxdo/G5TIhy

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ec81ea18219f43132b6c42447af582b.exe
    "C:\Users\Admin\AppData\Local\Temp\0ec81ea18219f43132b6c42447af582b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1120

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\gameset.dat
          Filesize

          29KB

          MD5

          e762e35959cf5ced7c50a7813b36f5bb

          SHA1

          6b8f64837304acc8a456be3b906149f4a6449ccd

          SHA256

          b3f30b73af99fd670bb1420221d2b5913f743d1c515390f0de1d3bef13eb48bf

          SHA512

          59ed182586af5df346c4f118ab96ab0cfbdb3201c1b30f9cd53d667b391eefa65ce6cb140f7a0bff5480c9f64dfb238dcb0ae01b24cb20e0c33797f42f95e09e

          Download Submit

        • memory/1120-0-0x0000000000400000-0x0000000000417000-memory.dmp

          Filesize

          92KB

          Download

        • memory/1120-10-0x00000000005B0000-0x00000000005BD000-memory.dmp

          Filesize

          52KB

          Download

        • memory/1120-13-0x0000000000400000-0x0000000000417000-memory.dmp

          Filesize

          92KB

          Download

        • memory/1120-14-0x00000000005B0000-0x00000000005BD000-memory.dmp

          Filesize

          52KB

          Download