Analysis

  • max time kernel
    140s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    31/12/2023, 13:13

General

  • Target

    377d43e92f237d52004ac900e157447a.exe

  • Size

    357KB

  • MD5

    377d43e92f237d52004ac900e157447a

  • SHA1

    b255c89be3cb67bb4a5283b55d4af5de84dcf90a

  • SHA256

    e87c729cc758e78031c49b97ca0d84a89d9a3e9760236c3b26f63f1df9f121f2

  • SHA512

    262b481e253d26f31d4319bf71e23e648a4b272a40eed19031d333be09eec2a4dd8af5a9413b9515ba475be3807e7bf395572ada9b67672766a323b7699cf3a6

  • SSDEEP

    6144:98yZw0EMTNHw7Ip+rKUEqpjyfe03qJf1zw4T/+8zXTfwcDKl+oSUwJ:aZ0btw6+rK5qkfe03j4j+cD4choSh

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\377d43e92f237d52004ac900e157447a.exe
    "C:\Users\Admin\AppData\Local\Temp\377d43e92f237d52004ac900e157447a.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2136

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\GetRightToGo\377d43e92f237d52004ac900e157447a.data

    Filesize

    1KB

    MD5

    bba826d4b5810c13a3745f6037ab676a

    SHA1

    a13ab5a2b6edde4044e130d150aa52337596d95c

    SHA256

    90a1e9a00f100c06c7100b0a4c2ad3820c4bec4ea5f46b7ae5e77c9dea825de4

    SHA512

    92d030695c4e65f75eae3a97f835e4d1e1890ae65c23573c99a47626c8fa798d1cb9bd3deb81a2fe70b30c1fdda523186a89a903fbf35a75940a44f1632db73c

  • memory/2136-0-0x0000000000400000-0x000000000050A000-memory.dmp

    Filesize

    1.0MB

  • memory/2136-11-0x0000000000400000-0x000000000050A000-memory.dmp

    Filesize

    1.0MB