Overview

overview

7

Static

static

7

2ce4950539...96.exe

windows7-x64

7

2ce4950539...96.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 07:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ce49505391e864ae04d900d22590396.exe

  • Size

    27KB

  • MD5

    2ce49505391e864ae04d900d22590396

  • SHA1

    fc9ab860ce4d8d2bab3adc5c15cfd700e0f96668

  • SHA256

    4535b725fc456a4e0eff35dfff80f6161f3407299d61d05768d90b3b5759f790

  • SHA512

    5bcc15038b738540c214e76573ac746766641dda058bd757130d3bce02577d256e5adfc46bd12b92711762041840c4ff46a96501b25f381d959eaa766488a0ac

  • SSDEEP

    768:o6K8BBdfs1jlOf8c9sDL41wD0/AlSZLgddFenc:ogB01J1HEGJAZcddFZ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2ce49505391e864ae04d900d22590396.exe
    "C:\Users\Admin\AppData\Local\Temp\2ce49505391e864ae04d900d22590396.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2668 -s 64
      2⤵
      • Program crash
      PID:2148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2668-0-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2668-1-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download