Overview

overview

7

Static

static

7

23aced8367...4e.exe

windows7-x64

7

23aced8367...4e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 02:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    23aced8367e0d0477fc9a7852e67584e.exe

  • Size

    31KB

  • MD5

    23aced8367e0d0477fc9a7852e67584e

  • SHA1

    a40598bc3b57f5b4a683cf9ac19f9779330369f5

  • SHA256

    9f07d2e726dd806e60ccfa7f3451dd277f5919dfd481b483a69933461a94c969

  • SHA512

    db4fb57de76b4ace894ad622fb491b3100688ced33fd0e8b56b5cdd6784f26c84f9a3b04277a28c6a6d4e2d67c539e6bb2e5779c28115cd8cbbc50289cb66ff1

  • SSDEEP

    768:JXOjKP4FPrbllI5tU8/orJ05QJB3q96js6jh2sT:J+jS8XI5ioAq0Vh2E

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23aced8367e0d0477fc9a7852e67584e.exe
    "C:\Users\Admin\AppData\Local\Temp\23aced8367e0d0477fc9a7852e67584e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3952

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\WowInitcode.dat
          Filesize

          46KB

          MD5

          d638011c54447634e191736f16fa748a

          SHA1

          30debbd06198755dbabc7a275cc5bb1b840a5d36

          SHA256

          1a03d145603a24c631bd891961b9a63d68246d2ef1efc5c22f17d25aed75e513

          SHA512

          d834a9936377b6213afe539ce6daee5a185af947756bd904f64163e907de26e6a7482d57ecd2b51c98a9b89455a21359251d8b8016333af24178626a3fb345de

          Download Submit

        • memory/3952-0-0x0000000000400000-0x000000000041C000-memory.dmp

          Filesize

          112KB

          Download

        • memory/3952-7-0x00000000004F0000-0x0000000000504000-memory.dmp

          Filesize

          80KB

          Download

        • memory/3952-11-0x00000000004F0000-0x0000000000504000-memory.dmp

          Filesize

          80KB

          Download

        • memory/3952-10-0x0000000000400000-0x000000000041C000-memory.dmp

          Filesize

          112KB

          Download