Overview

overview

7

Static

static

7

44b39daf98...d7.exe

windows7-x64

7

44b39daf98...d7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    68s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 23:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    44b39daf984ee552065bd5676016f2d7.exe

  • Size

    546KB

  • MD5

    44b39daf984ee552065bd5676016f2d7

  • SHA1

    307aa6c40c2ace6390666912862f2e6a87327d74

  • SHA256

    e4fb6fb4a8a77be9ca6479dfc3f11d3c1324bec4519e07161b37b00529e014ed

  • SHA512

    8b331cb56fe607527b5ebfea2ced3d4ec1be9f1f1cd89a1ee30afa1097cec127b0eb1fa99d7cd3a367194e428984bda9a20e9dde34979c7b1c2124039c0f3dab

  • SSDEEP

    12288:rSiKVtSG2dKqs1+CneWrN557DfLque1VA0g7QTMMl7:rvAiT+55nfuue1mdQTMMl7

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 19 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\44b39daf984ee552065bd5676016f2d7.exe
    "C:\Users\Admin\AppData\Local\Temp\44b39daf984ee552065bd5676016f2d7.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1848

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1848-0-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-2-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-3-0x00000000006F0000-0x00000000006F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1848-1-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-154-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-155-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-156-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-157-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-158-0x00000000006F0000-0x00000000006F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1848-159-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-160-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-161-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-163-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-164-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-165-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-166-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-167-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-168-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-169-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-170-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1848-171-0x0000000000400000-0x000000000051A000-memory.dmp

    Filesize

    1.1MB

    Download