39f246fc78905245ba6bcd84a5cff56cb32263351404cf8f1e163a1a91fc7066

Analysis

max time kernel
0s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 23:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b62a437add2c81a274ea73b6e95f368.exe
Size

556KB
MD5

3b62a437add2c81a274ea73b6e95f368
SHA1

07ee033f6be6f1993c1d09fb701a85e29988f1bb
SHA256

39f246fc78905245ba6bcd84a5cff56cb32263351404cf8f1e163a1a91fc7066
SHA512

603380fbb8c850295c87bd598f12afe546a708df292a9ae1e891c8bbb886be46dd67206480d1444b6989f45c327059e15de5b1250a0e4e5b816a8b79d0d3730c
SSDEEP

12288:YGMVWEswD7o/Aoy51aISoO+YlyeU81GYOCmBmXHKwMMzk:YGSWEhnoIooSUY40G4imXHKwMMzk

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4040-0-0x0000000000400000-0x0000000000521000-memory.dmp	upx
behavioral2/memory/4040-1-0x0000000000400000-0x0000000000521000-memory.dmp	upx
behavioral2/memory/4040-2-0x0000000000400000-0x0000000000521000-memory.dmp	upx
behavioral2/memory/4040-154-0x0000000000400000-0x0000000000521000-memory.dmp	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4040	3b62a437add2c81a274ea73b6e95f368.exe
4040	3b62a437add2c81a274ea73b6e95f368.exe

C:\Users\Admin\AppData\Local\Temp\3b62a437add2c81a274ea73b6e95f368.exe
"C:\Users\Admin\AppData\Local\Temp\3b62a437add2c81a274ea73b6e95f368.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4040-0-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-1-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-2-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-3-0x0000000000CC0000-0x0000000000CC1000-memory.dmp

Filesize
4KB

Download
memory/4040-154-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-155-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-157-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-156-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-158-0x0000000000CC0000-0x0000000000CC1000-memory.dmp

Filesize
4KB

Download
memory/4040-159-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-160-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-161-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-163-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-164-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-165-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-166-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-167-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-168-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-169-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-170-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download
memory/4040-171-0x0000000000400000-0x0000000000521000-memory.dmp

Filesize
1.1MB

Download