f2908e2679c5af3a366c3cbf996e6c4b24e531338053f5114d8e55a0184ba9c1

Analysis

max time kernel
144s
max time network
111s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
11-01-2024 04:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5282245aa0136a7a55e995ef62b93e13.exe
Size

103KB
MD5

5282245aa0136a7a55e995ef62b93e13
SHA1

c9dd42a79f257f443f9495b23287a2b651206150
SHA256

f2908e2679c5af3a366c3cbf996e6c4b24e531338053f5114d8e55a0184ba9c1
SHA512

cdee16880efdb408c0df0e4539b714a7d7c384172bd97b4b00cd6793cec37ae4990e9bb6011613e164af33eafcfb654b14c9a913a012e0f75f34f3ca40d60f2c
SSDEEP

1536:3UUUUUUUUUUHdTD+vvvvvvvvvh+UUUUUUUC9mIkkkkkkTyhhhhhhhMqgCZVU4sPq:blN9RkkkkkkTLqDX3qiJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2176-0-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/memory/2176-1-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/files/0x0006000000023224-6.dat	upx
behavioral2/memory/2176-19-0x0000000000400000-0x0000000000423000-memory.dmp	upx

Drops file in Windows directory 18 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Silent Hill 4 + codes.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4 + codes.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\FlatOut cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\Doom 3 + nocd.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2(cheat).exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\Silent Hill 4_cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\FlatOut(cdfix).exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\FlatOut(cdfix).exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\Sims 2_cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\DAoC + patch.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\DAoC + patch.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\BattleField 1942 + nocd.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\Sims 2_cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\UT2004 nocd.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 + nocd.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\FlatOut cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4_cdfix.exe	5282245aa0136a7a55e995ef62b93e13.exe
File created	C:\Windows\win32dc\Half-Life 2(cheat).exe	5282245aa0136a7a55e995ef62b93e13.exe

C:\Users\Admin\AppData\Local\Temp\5282245aa0136a7a55e995ef62b93e13.exe
"C:\Users\Admin\AppData\Local\Temp\5282245aa0136a7a55e995ef62b93e13.exe"
1⤵
- Drops file in Windows directory
PID:2176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Silent Hill 4_cdfix.exe

Filesize
105KB

MD5
9e073d1c6eb223adac9243827712db6c

SHA1
38878a502e216b7123bf59b75001b5260e51bb00

SHA256
6237816756f2cf047cdc6385c932512ac51be83fa8d74770853a06e4591e056f

SHA512
a7118e0c419e140acca890cdc59ecaa7738e083117ae82389e2079687e202bc08c614d56949274e64bb88f6c21abb6361067314f6ae89171e1ed7f7baa7e0a50

Download Submit
memory/2176-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2176-1-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2176-19-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads