Overview

overview

7

Static

static

7

4a83f7f7ef...ed.exe

windows7-x64

7

4a83f7f7ef...ed.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    160s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/01/2024, 05:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4a83f7f7ef4bd19dbfc90f6424cc36ed.exe

  • Size

    601KB

  • MD5

    4a83f7f7ef4bd19dbfc90f6424cc36ed

  • SHA1

    e1d6294fecfbb4d2db91fc54a2981e9e0cbc0b7f

  • SHA256

    21310fccad93ea668d0155c2092e3358fb01324f69903103b74e07c855ac10ff

  • SHA512

    cc58fb6d664da86e39266d32ea9187426b2540818a3991f84727539cecbdbf3ee3945a2983eb1e660069bd4fc5fb21ec39bee2f076f53f8044235f4e278a578d

  • SSDEEP

    12288:IBbTDlgy2bSE/ycCE99Ck/kYIlXVA+qToPY+JDJZqD/EO/:6TJgfstkcYIlFA+JPYscz

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4a83f7f7ef4bd19dbfc90f6424cc36ed.exe
    "C:\Users\Admin\AppData\Local\Temp\4a83f7f7ef4bd19dbfc90f6424cc36ed.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_N4\iext.fnr
    Filesize

    200KB

    MD5

    65b0e75944035c5c8812eabb0c269d6f

    SHA1

    2baf2dd9d8c1b1c8872b131ff59002e2a4b78e2f

    SHA256

    a4308bdc3b42ed3c93ab9aa7ed408cdb760dfc4bfacd93b2431e127478630511

    SHA512

    0dcce11d619a8b6955565502623ce677fcd2623f889c925c292ea68d6511df8a9a208a47f4e3066811ed74da0700a0445435c3b49df67b555c9bb7aadc46674f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.1MB

    MD5

    cf46bb62a1ba559ceb0fad7a5d642f28

    SHA1

    80b63dd193e84bfacbe535587dd38471b8ea2c24

    SHA256

    fe4bba1a99b332c8bbd196d3a2f3c78d9edc8f212842ff2efef17eba38427f67

    SHA512

    1f71f31fdc1ef7695d7a6e79218a9192804178bb2af80486de4f8ff3d7e176860813a61fa265bf78fe4ff722a85b72798938d715d8a2a034ac759505197a1058

    Download Submit

  • memory/2436-0-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/2436-1-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/2436-10-0x0000000002450000-0x0000000002490000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2436-14-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download