Overview

overview

7

Static

static

7

6fcb784168...fb.exe

windows7-x64

7

6fcb784168...fb.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    201s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6fcb7841684182593dfc4e96631739b74dc9c2f8eeba2f2cb4d93b4cabcc73fb.exe

  • Size

    536KB

  • MD5

    d5f9582f8613276907c0a5a028f69ca6

  • SHA1

    1cc000a52d791d9f3330bfb2d709d49ad324adba

  • SHA256

    6fcb7841684182593dfc4e96631739b74dc9c2f8eeba2f2cb4d93b4cabcc73fb

  • SHA512

    007283172f14ad7067b921c6a91ba8c81a50bf443f91dfdd9926d83d81736ea30d9a325004ce8e8530e5ee23822bda0bafb74a9f62326575d636fa5867243990

  • SSDEEP

    12288:oAg+X5Sb/YtYh+Iyy5p6S7PNsWRdcC/Zl5TxG1qQfc/R1WEDfAnzg:omXkD7yURPbRdcCBPTxoq7n17Is

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6fcb7841684182593dfc4e96631739b74dc9c2f8eeba2f2cb4d93b4cabcc73fb.exe
    "C:\Users\Admin\AppData\Local\Temp\6fcb7841684182593dfc4e96631739b74dc9c2f8eeba2f2cb4d93b4cabcc73fb.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\tapi.ini
    Filesize

    39B

    MD5

    ca1af6e0a237f4690bb1b9f8acf40b36

    SHA1

    cef16f8932b8de69e85e75b7871ada10f8124d3c

    SHA256

    6c6b10ab91bbd3e2e644fa1833950a78157bd0fa61ceab12fc3018999d357fea

    SHA512

    5c5de1df3211449d06d1a04ed7f833d69b2f32d95af1cfc5cb6cff7d7bc7eb75732c145532f2a158192437b8a6d11cef180f0f2822bf76bdf06b250bc3f9ce61

    Download Submit

  • memory/2552-0-0x0000000000400000-0x00000000005A2000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2552-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2552-7-0x0000000000400000-0x00000000005A2000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2552-8-0x0000000000400000-0x00000000005A2000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2552-10-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download