e045ea342e07ea320e90711e00f61d8e608857403583781aaf4e17b21b257bff | Triage

Analysis

max time kernel
141s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 08:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

13c1c6328658c59389cdf7d8c1c81a8f.exe
Size

234KB
MD5

13c1c6328658c59389cdf7d8c1c81a8f
SHA1

be37bbf8ddc083f08a819c46204be3e422c5ee6f
SHA256

e045ea342e07ea320e90711e00f61d8e608857403583781aaf4e17b21b257bff
SHA512

deba83e23051d0284b656dce2512b8c3b568bf6646f9537edab1966f9cac3ce4364051bd50aa2e7adf0c7367aa5876265e6375c715d54c3e025271b57d022fda
SSDEEP

6144:n7c2llWCNo//Ij+qWr63tD/9BiQ7Rs8KhL/tSVGU:AZZIaqNZTiQ7QhL/t6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1352-0-0x0000000000400000-0x00000000004B1000-memory.dmp	upx
behavioral1/memory/1352-1-0x0000000000400000-0x00000000004B1000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1352	13c1c6328658c59389cdf7d8c1c81a8f.exe
1352	13c1c6328658c59389cdf7d8c1c81a8f.exe

C:\Users\Admin\AppData\Local\Temp\13c1c6328658c59389cdf7d8c1c81a8f.exe
"C:\Users\Admin\AppData\Local\Temp\13c1c6328658c59389cdf7d8c1c81a8f.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1352-0-0x0000000000400000-0x00000000004B1000-memory.dmp

Filesize
708KB

Download
memory/1352-1-0x0000000000400000-0x00000000004B1000-memory.dmp

Filesize
708KB

Download