45cd842e85165123736f691933b621fddb28645d4cc04b4e142fb9dc270e4703

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01-01-2024 07:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3c3fc14c3aeb48a4d40145464d74aeb4.exe
Size

237KB
MD5

3c3fc14c3aeb48a4d40145464d74aeb4
SHA1

c42f7c187450aa86f6494d17f79e2abbb8581f8a
SHA256

45cd842e85165123736f691933b621fddb28645d4cc04b4e142fb9dc270e4703
SHA512

03356527bbe71f313e157a8177bc7e914aa79098e3b2aaa18596ec2bd2f0b1d9f644070490940be31af8857496ff08f86c7308427e66d7fe486fef40d8958314
SSDEEP

3072:blN9RkkkkkkTLJ0Y6LFWOlN9RkkkkkkTLJ0Y6LFWemqTpA9ARE:5dkkkkkkZ6ZxdkkkkkkZ6ZNVe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2356-0-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral1/memory/2356-1-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral1/files/0x0034000000016131-6.dat	upx
behavioral1/memory/2356-18-0x0000000000400000-0x0000000000423000-memory.dmp	upx

Drops file in Windows directory 16 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Half-Life 2 + trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\DAoC + fix.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File opened for modification	C:\Windows\win32dc\DAoC + fix.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike_trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Sims 2 fix.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Counter-Strike_trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File opened for modification	C:\Windows\win32dc\UT2004 + codes.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Counter-Strike trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\DAoC_fix.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File opened for modification	C:\Windows\win32dc\DAoC_fix.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Half-Life 2_trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Sims 2_crack.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\UT2004 + codes.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Half-Life 2_hack.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe
File created	C:\Windows\win32dc\Half-Life 2 + trainer.exe	3c3fc14c3aeb48a4d40145464d74aeb4.exe

C:\Users\Admin\AppData\Local\Temp\3c3fc14c3aeb48a4d40145464d74aeb4.exe
"C:\Users\Admin\AppData\Local\Temp\3c3fc14c3aeb48a4d40145464d74aeb4.exe"
1⤵
- Drops file in Windows directory
PID:2356

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Counter-Strike trainer.exe

Filesize
241KB

MD5
a74b276b80187118dc74fd498e4d0161

SHA1
b63187d1bb00fea6e18e199e260a7c8910b33742

SHA256
fec810f54efb2f6e8479c310e900f9f803bc05e6e786570325f5edb906d1323f

SHA512
e6389e3ff528be32083a7144c4796f26435766ddeb48f6ab21a350838757cd7ea0544bcee9026093756a56b17df398434a662939935bd8d3c79085ceab490246

Download Submit
memory/2356-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2356-1-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2356-18-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads