Analysis

  • max time kernel
    142s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    31/12/2023, 12:38 UTC

General

  • Target

    366be0741b23bcd47d1b005efde16d45.exe

  • Size

    8KB

  • MD5

    366be0741b23bcd47d1b005efde16d45

  • SHA1

    53c413cc84596a9df3684f3e1ed009cb974c1de3

  • SHA256

    c67a55ab99426ce075acd5c150f3937244dcd759bd591210e219da7a62c025f1

  • SHA512

    d535c30038600d255ffa4cb61648c5c14013e02e9a83209b804572eb58cb433ca3c440abb6f8c73754df7ed6599b57175823021f32ecabfb7474b747c84c1919

  • SSDEEP

    192:gjmNW/ZAUk1RO1E4DEhComMAkPaQKylkqJ92MV:0bk1EnDEEomMAkPJX3L2MV

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\366be0741b23bcd47d1b005efde16d45.exe
    "C:\Users\Admin\AppData\Local\Temp\366be0741b23bcd47d1b005efde16d45.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2080 -s 140
      2⤵
      • Program crash
      PID:2648

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2080-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

  • memory/2080-1-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB
