d82fc306be8e565f4c8db5691ba68c1e07d32b70f018554a86cdb669e890959e

Analysis

max time kernel
200s
max time network
210s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10-01-2024 17:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5125939a28b3640f73e9635abfd13f98.exe
Size

1.8MB
MD5

5125939a28b3640f73e9635abfd13f98
SHA1

13e19e08bdba89d7673f0f811b3f5f243a7918c2
SHA256

d82fc306be8e565f4c8db5691ba68c1e07d32b70f018554a86cdb669e890959e
SHA512

4e78e0c058dc2891eea8fec92c32b12abc971656d96f371179877385894e6056afeaa8891b9ea0ee71fe177c9abe987da3faeb5e754b659c3486a69211be7e12
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxq+:SCqm2Jpr0nNM7Dus7Nx7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1936-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral2/files/0x0002000000022794-5.dat	upx
behavioral2/memory/1936-26-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Lang\io.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kaa.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mr.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\7-zip.chm.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eo.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\es.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\7zG.exe.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\an.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fi.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\mr.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nn.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pa-in.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sl.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\it.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\id.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nb.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\7zG.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\History.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gl.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\mng2.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\sr-spc.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spl.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.dll	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\kaa.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lt.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\fur.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fy.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\hi.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\7zFM.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\el.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ext.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\si.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\et.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ms.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\History.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\cs.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ga.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\lv.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\pl.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\7-zip32.dll.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\fy.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ku.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ne.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kk.txt	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pt.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.exe	5125939a28b3640f73e9635abfd13f98.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pt-br.txt	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\7z.dll.exe	5125939a28b3640f73e9635abfd13f98.exe
File created	C:\Program Files\7-Zip\7z.sfx.exe	5125939a28b3640f73e9635abfd13f98.exe

C:\Users\Admin\AppData\Local\Temp\5125939a28b3640f73e9635abfd13f98.exe
"C:\Users\Admin\AppData\Local\Temp\5125939a28b3640f73e9635abfd13f98.exe"
1⤵
- Drops file in Program Files directory
PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll

Filesize
1.8MB

MD5
830d1e847df2b64d6a0fa1ed3f4bb13d

SHA1
ab5cd6419dd2bb478c0aa551f6cc2f431fabe055

SHA256
42690bffec23f1453698a57e7f60c7cf06539f1ac5d4c14a2e1ad4f2c73962a2

SHA512
16a70267ba7750fa8e1dbfb7553c4923f0b461b9111256c958d57ee8e17c407509e0fb448f53060f3a3ae2fa1a20a7a5e60a0dd0f59e8bb7a15d8d9aba51ad37

Download Submit
memory/1936-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1936-26-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads