0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb

Analysis

max time kernel
144s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14/01/2024, 19:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb.exe
Size

1.8MB
MD5

fbc9ba3e1d61fe2134308f5465e45cf7
SHA1

4020c4751561c666c524ffa86b7ad282bbd78794
SHA256

0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb
SHA512

719483e77a31c2aafdfdd07dc978984801f2d46533cefe9eec32d938386749269137a8beff6706c6a82a56d6d0efe079c223a4a97e2da11db1b6a064e030ffa9
SSDEEP

49152:644te40rA6bGI9FIzqxUimYU097d8+b6czmGY7/Z3zCxC:676A6bbe+thd8+b6czmGyZB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1140-27-0x0000000010000000-0x000000001001E000-memory.dmp	upx
behavioral2/memory/1140-29-0x00000000033C0000-0x00000000033CB000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1140	0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb.exe
1140	0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb.exe

C:\Users\Admin\AppData\Local\Temp\0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb.exe
"C:\Users\Admin\AppData\Local\Temp\0fba80d5ba643bf9ba595ddf6c92ce2859d91a3c61212cc98cdd684f7aa312bb.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1140-0-0x0000000000400000-0x00000000007D9000-memory.dmp

Filesize
3.8MB

Download
memory/1140-1-0x00000000025A0000-0x00000000025F0000-memory.dmp

Filesize
320KB

Download
memory/1140-2-0x0000000002760000-0x0000000002761000-memory.dmp

Filesize
4KB

Download
memory/1140-3-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/1140-4-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/1140-5-0x0000000002630000-0x0000000002631000-memory.dmp

Filesize
4KB

Download
memory/1140-6-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/1140-7-0x0000000002620000-0x0000000002621000-memory.dmp

Filesize
4KB

Download
memory/1140-8-0x0000000002770000-0x0000000002771000-memory.dmp

Filesize
4KB

Download
memory/1140-9-0x0000000003060000-0x0000000003061000-memory.dmp

Filesize
4KB

Download
memory/1140-10-0x0000000002640000-0x0000000002641000-memory.dmp

Filesize
4KB

Download
memory/1140-11-0x0000000003050000-0x0000000003054000-memory.dmp

Filesize
16KB

Download
memory/1140-19-0x0000000002830000-0x0000000002831000-memory.dmp

Filesize
4KB

Download
memory/1140-18-0x0000000002820000-0x0000000002821000-memory.dmp

Filesize
4KB

Download
memory/1140-17-0x00000000027E0000-0x00000000027E1000-memory.dmp

Filesize
4KB

Download
memory/1140-15-0x00000000027F0000-0x00000000027F1000-memory.dmp

Filesize
4KB

Download
memory/1140-25-0x00000000028A0000-0x00000000028A1000-memory.dmp

Filesize
4KB

Download
memory/1140-24-0x0000000002860000-0x0000000002861000-memory.dmp

Filesize
4KB

Download
memory/1140-23-0x00000000028B0000-0x00000000028B1000-memory.dmp

Filesize
4KB

Download
memory/1140-27-0x0000000010000000-0x000000001001E000-memory.dmp

Filesize
120KB

Download
memory/1140-26-0x00000000028E0000-0x00000000028E1000-memory.dmp

Filesize
4KB

Download
memory/1140-29-0x00000000033C0000-0x00000000033CB000-memory.dmp

Filesize
44KB

Download
memory/1140-28-0x00000000028C0000-0x00000000028C1000-memory.dmp

Filesize
4KB

Download
memory/1140-30-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-31-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-22-0x0000000002880000-0x0000000002881000-memory.dmp

Filesize
4KB

Download
memory/1140-21-0x0000000002890000-0x0000000002891000-memory.dmp

Filesize
4KB

Download
memory/1140-20-0x00000000028D0000-0x00000000028D1000-memory.dmp

Filesize
4KB

Download
memory/1140-35-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-34-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-36-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-38-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-37-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-39-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-40-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-41-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-47-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-49-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-65-0x0000000003170000-0x0000000003171000-memory.dmp

Filesize
4KB

Download
memory/1140-64-0x0000000003180000-0x0000000003181000-memory.dmp

Filesize
4KB

Download
memory/1140-63-0x0000000003150000-0x0000000003151000-memory.dmp

Filesize
4KB

Download
memory/1140-62-0x0000000003160000-0x0000000003161000-memory.dmp

Filesize
4KB

Download
memory/1140-61-0x0000000002A70000-0x0000000002A71000-memory.dmp

Filesize
4KB

Download
memory/1140-60-0x0000000002EC0000-0x0000000002EC1000-memory.dmp

Filesize
4KB

Download
memory/1140-59-0x00000000030A0000-0x00000000030A1000-memory.dmp

Filesize
4KB

Download
memory/1140-58-0x0000000002910000-0x0000000002911000-memory.dmp

Filesize
4KB

Download
memory/1140-57-0x00000000029C0000-0x00000000029C1000-memory.dmp

Filesize
4KB

Download
memory/1140-56-0x0000000003080000-0x0000000003081000-memory.dmp

Filesize
4KB

Download
memory/1140-55-0x0000000003090000-0x0000000003091000-memory.dmp

Filesize
4KB

Download
memory/1140-54-0x0000000002850000-0x0000000002851000-memory.dmp

Filesize
4KB

Download
memory/1140-53-0x0000000003070000-0x0000000003071000-memory.dmp

Filesize
4KB

Download
memory/1140-52-0x0000000002590000-0x0000000002591000-memory.dmp

Filesize
4KB

Download
memory/1140-51-0x00000000007F0000-0x00000000007F1000-memory.dmp

Filesize
4KB

Download
memory/1140-50-0x00000000027A0000-0x00000000027A1000-memory.dmp

Filesize
4KB

Download
memory/1140-48-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-46-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-45-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-44-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-43-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-42-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-33-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-32-0x00000000030B0000-0x00000000030CB000-memory.dmp

Filesize
108KB

Download
memory/1140-16-0x00000000027B0000-0x00000000027B1000-memory.dmp

Filesize
4KB

Download
memory/1140-14-0x00000000027C0000-0x00000000027C1000-memory.dmp

Filesize
4KB

Download
memory/1140-13-0x00000000027D0000-0x00000000027D1000-memory.dmp

Filesize
4KB

Download
memory/1140-12-0x0000000002810000-0x0000000002811000-memory.dmp

Filesize
4KB

Download
memory/1140-93-0x0000000000400000-0x00000000007D9000-memory.dmp

Filesize
3.8MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads