Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-01-2024 01:46

General

  • Target

    2018-Malware-Repository-main/Auto spreader/USB Spreader/USB_Spreader.exe

  • Size

    193KB

  • MD5

    ed2170076a9c5ea140d173911b836f49

  • SHA1

    07862503298a270d019a77940113de0c6e1051df

  • SHA256

    a321c239a2ea4fe46482a8bf4f7a02aa3a4a7287f63f389ebcfb3e93631cb5ec

  • SHA512

    7e73d992e2f0932a7170ed7b8da1511f007383f3de04fe0b9e9f6000e3ac0ef109ff7413e148aedf210bf663a801eeaf67851df6ec4b6fabaf1b6adb6ccc9690

  • SSDEEP

    3072:uwKd3THtitZNOltJK8+TH9ntkFjYellYY9a/FrNHVLWx0+WEf4HoqxzX6kTLrsj:uw4jtiROlHp+7IhjNIFrxExhfXqxp

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 31 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2018-Malware-Repository-main\Auto spreader\USB Spreader\USB_Spreader.exe
    "C:\Users\Admin\AppData\Local\Temp\2018-Malware-Repository-main\Auto spreader\USB Spreader\USB_Spreader.exe"
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2976
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    PID:2720

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2976-0-0x0000000000400000-0x0000000000482000-memory.dmp

    Filesize

    520KB

  • memory/2976-1-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

  • memory/2976-2-0x0000000000400000-0x0000000000482000-memory.dmp

    Filesize

    520KB

  • memory/2976-3-0x0000000000400000-0x0000000000482000-memory.dmp

    Filesize

    520KB