Overview

overview

7

Static

static

3

52f7629ccf...14.exe

windows7-x64

7

52f7629ccf...14.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/01/2024, 07:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    52f7629ccf583c26aa9cd7a95be7ad14.exe

  • Size

    124KB

  • MD5

    52f7629ccf583c26aa9cd7a95be7ad14

  • SHA1

    e20059bddf6030cfdd8d8586609343de9838cbfd

  • SHA256

    81831ef1c30dd7bb2b49788fb4d6d0729a478ba303e77c133c4b593a4d1b9ebb

  • SHA512

    40c8c461430214c8200fba90bb62767bd125fb57da8a9d88903336c8b8a857e5df1612f417b296f2f475bb7902b4f58772c0e820dda621cf869bf481a6d03695

  • SSDEEP

    1536:B8NFoqNb+63PUk2tI1tJtxijmcXtANcg/bj23HyX8D1lTC4vdbGzf683+OEwozy6:uqqNbZPU9e1CmFe3HTCI8b9CzXkQdnyU

Score
7/10
adwarestealerupx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Installs/modifies Browser Helper Object 2 TTPs 2 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Drops file in System32 directory 1 IoCs
  • Modifies registry class 27 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\52f7629ccf583c26aa9cd7a95be7ad14.exe
    "C:\Users\Admin\AppData\Local\Temp\52f7629ccf583c26aa9cd7a95be7ad14.exe"
    1⤵
    • Loads dropped DLL
    • Installs/modifies Browser Helper Object
    • Drops file in System32 directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2488

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\msxml71.dll
    Filesize

    96KB

    MD5

    a2ee1f5d01c76caa61dbf5316f5a0a1a

    SHA1

    a64f5dd0074f9c4c68c4acd77b44f32fcf9bbf08

    SHA256

    917273139ba1bf6f3c8c180b3538151962ae679387912aa37695a6b68c4e7f2a

    SHA512

    439b39bcb2e4fcd3574fb66e93cb87d691acfa11050130fd9b91315a7fd39ac4f6bbab7ad9b70f470ae591ce6a054ba882a9bb31bcfb765215626ed29c89ec79

    Download Submit

  • memory/2488-4-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download

  • memory/2488-24005-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download

  • memory/2488-44218-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download

  • memory/2488-55696-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download

  • memory/2488-66154-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download

  • memory/2488-93920-0x0000000010000000-0x0000000010048000-memory.dmp

    Filesize

    288KB

    Download