Overview

overview

7

Static

static

7

636c2aa816...74.exe

windows7-x64

7

636c2aa816...74.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    17-01-2024 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    636c2aa8164496a7b1119a07b646f074.exe

  • Size

    24KB

  • MD5

    636c2aa8164496a7b1119a07b646f074

  • SHA1

    b8d7e05ea612091603a171c096e5940938b6cd73

  • SHA256

    054ebaec781e5f69ef60085b605b4b667041a34080161271b9e0f3b2fadd5505

  • SHA512

    cdbc986eed5d1a023d030c746492fc9e50fc238334f4a6056c3ffd08d94d74d0317620a575f60ad595c686de10af2d2e6bb246dbd79a4b06a8bd35a8125566dc

  • SSDEEP

    384:7uLIPJSC54aN+BMjFaeOEqou811BNvTCv9DoJy//gsuSwdpn071ALCuOOdu5Z:7FP4gpQBA6EXuAPvO1DoJynNJWnG9Os

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\636c2aa8164496a7b1119a07b646f074.exe
    "C:\Users\Admin\AppData\Local\Temp\636c2aa8164496a7b1119a07b646f074.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\gameset.dat
    Filesize

    29KB

    MD5

    29e96f476e8ecf7d9b1ff0d7a437eb4c

    SHA1

    139d7346094329c1d619bc4765ecd367f3fec4ef

    SHA256

    56a13514355c394cea03914287e2fb54e418eef9a1e1d63ab200cdb0b0ce7ff2

    SHA512

    115f5458667d740c44ff0ede6912ad5845cfe28c7f672d2bfdddcda569da5cf5d42cb8cdec3989607ff4b8ad13de1dda31e683a3887ba0b5b2392db0f0c07cc5

    Download Submit

  • memory/2060-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2060-8-0x0000000000220000-0x000000000022D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2060-11-0x0000000000220000-0x000000000022D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2060-10-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download