Analysis

  • max time kernel
    1s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05-01-2024 15:00

General

  • Target

    74472b44d4e4c36bf703079278a4d5d8.exe

  • Size

    93KB

  • MD5

    74472b44d4e4c36bf703079278a4d5d8

  • SHA1

    a8947ba4763ac770183fca9f79b1a0c49e9ab634

  • SHA256

    d5eebe6c627d0fc713ed10b2d4c0241bb4e38be2d685699a32ddf22d608911cd

  • SHA512

    810728e7d94079350e6b7375270f441517c43bf673e7d998ddb63a6a9a44f858ce4584443b1160ba6eaf717d4a3947902c633482ad1870b7e38dc2be0cba9ed3

  • SSDEEP

    1536:bRVCaKgzbLc54hukfgvYnouy8v4DcV1Ayj4m/QWR/Rlq88vlnRqPR/1aViDRknPa:VjbLl/gvQoutv4DQ1Tj4mYWR/R4nkPRl

Score
7/10

Malware Config

Signatures

  • UPX packed file 11 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in Program Files directory 9 IoCs
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe
    "C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe"
    PID: 2056
    • Adds Run key to start application
    • Enumerates connected drives
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe
      "C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe"
      PID: 4588
      • C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe
        "C:\Users\Admin\AppData\Local\Temp\74472b44d4e4c36bf703079278a4d5d8.exe"
        PID: 4016

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\spanish lesbian cumshot catfight .mpg.exe
    Filesize
    187KB
    MD5
    84cb8f5e7a35d0ad6c2d315e5f8ef26e
    SHA1
    bc8106123eca720683a0213196a954b6699e8341
    SHA256
    24598b155950632b23d6fac4da44be1f915d32306c59b3d5e9a789199601fc55
    SHA512
    ad975d984a5ee440996d6df1a3c480d29464a353f0c2e6829f258270c0750e760db3f5d31c77205e3c3758818a16da968f7a3e8ad1884bf1f0a2b95613358180

  • memory/2056-0-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-188-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-192-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-197-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-207-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-210-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/2056-213-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/4016-169-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/4588-39-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB

  • memory/4588-189-0x0000000000400000-0x000000000041E000-memory.dmp
    Filesize
    120KB