Overview

overview

7

Static

static

7

42878ab088...2c.exe

windows7-x64

7

42878ab088...2c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 02:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    42878ab088476ecaadc6b7bc29cbab2c.exe

  • Size

    30KB

  • MD5

    42878ab088476ecaadc6b7bc29cbab2c

  • SHA1

    5d80d1a15f667ec055f373d1f7c530141a58c827

  • SHA256

    1c37ee16329a9b73575524babf22a5c2383ee5c3464a2b5ca2055f19bb4422a6

  • SHA512

    35dccee2d50e1f21981d785cfcb446eab17e6508e358a2eb5233d03a1a79cbc545b5ccc57d105c834b46bcd5a9af81867355779099a0ce96df1948a8240d30af

  • SSDEEP

    384:9uL+rAus1pa9VPlzJ+rIx2QsS3enczFJY3+fMDqdpzoHt27oOeC3UuZJVp+P6OB/:9Vsnarlzf3V3ecAXC0qo3aUuzVQBdNfr

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\42878ab088476ecaadc6b7bc29cbab2c.exe
    "C:\Users\Admin\AppData\Local\Temp\42878ab088476ecaadc6b7bc29cbab2c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4016

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\WowInitcode.dat
          Filesize

          43KB

          MD5

          fb86d070ec2ea12c175d39ca3189d69f

          SHA1

          d2d90b17c125272280c945bdc7cfa4d92040bd0c

          SHA256

          d1839df6f1bc154d632a984d22fc7bc3a0ed20e5e9f66081a025b0f72e2569da

          SHA512

          eb9a152c2ed5313c033c1eac2027b34e384196d446b00da983885be78aa228e7a1fbe96a062a9ff4c392a752b92fcc8aefef65836a2c6778d4642206f50d8255

          Download Submit

        • memory/4016-0-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/4016-7-0x00000000009C0000-0x00000000009D4000-memory.dmp

          Filesize

          80KB

          Download

        • memory/4016-10-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/4016-11-0x00000000009C0000-0x00000000009D4000-memory.dmp

          Filesize

          80KB

          Download