Overview

overview

7

Static

static

7

1c8128eae6...6d.exe

windows7-x64

7

1c8128eae6...6d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 21:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1c8128eae60f94c3a39aa26b86a95e6d.exe

  • Size

    33KB

  • MD5

    1c8128eae60f94c3a39aa26b86a95e6d

  • SHA1

    056e707b6e36af12866768349f25e2068b800eac

  • SHA256

    53821e2bdcb3ce673843f15530b9fc6b635bab6070433cf9734dcf3bc7d9fc0b

  • SHA512

    00682305d51a5b9e3bd508750f0b286f4c50fe64a8909b703683c29ab4cdc8e93f3e389bdcf74e758628f05f1b96b3b35d8804ea3aa5bd919d92084a58105ebe

  • SSDEEP

    768:yi4uOFmaw6XwMEaq9C5h5hwNhBep5Pa3+2hKxPQ8OivB6R4owt8w9lbhroL:9tcwUQC5hTeiphaOScPfDl9s

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1c8128eae60f94c3a39aa26b86a95e6d.exe
    "C:\Users\Admin\AppData\Local\Temp\1c8128eae60f94c3a39aa26b86a95e6d.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\windf.hlp
    Filesize

    51KB

    MD5

    2c21fa058e57ffda64d23d48ee2179e6

    SHA1

    d8e2320f2af954c0b8e212f209ad6b693a21b516

    SHA256

    72593308a73cbf06b1baf1ced42aa29f94024f426bae3fd354ff63969e2f90a0

    SHA512

    f4a53c817804db1389a16d481174ec78ed47701f523b40d83f43bbcc8c25bb2bdadc14f2944ccec58d0797c5b20ce7a54857ef80928938208f9ab295fbfaf323

    Download Submit

  • memory/2160-0-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2160-4-0x00000000001C0000-0x00000000001D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2160-6-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2160-7-0x00000000001C0000-0x00000000001D2000-memory.dmp

    Filesize

    72KB

    Download