Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    25-01-2024 17:42

General

  • Target

    751f6956aee4614af075462893db4b3c.exe

  • Size

    83KB

  • MD5

    751f6956aee4614af075462893db4b3c

  • SHA1

    f439cdae9b061b4af642e38ab24000573e394f96

  • SHA256

    057150f7726a767b9e8e52b4f86f86b77fbcbfe90b379a86656b51a278072c42

  • SHA512

    be38d3ac4b74f09ad5b2423f0bb20d8e159ae14a6a46d4e25f72d91d7c44506c66458959b687ed3b35590fe74e6bbec0ed8c49ccc72e14151d4a56dab0811820

  • SSDEEP

    1536:vjtJhSLrFKTZW4ZG7EtEL5N3xzR2pbQb+mxqVr+VHXPNGifVRIIjWnaq/pfhGnoS:LHhSwWEGxky+hVyfDP6aqCout

Score
7/10

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\751f6956aee4614af075462893db4b3c.exe
    "C:\Users\Admin\AppData\Local\Temp\751f6956aee4614af075462893db4b3c.exe"
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:2896

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2896-0-0x0000000002400000-0x0000000002487000-memory.dmp

    Filesize

    540KB

  • memory/2896-1-0x0000000002400000-0x0000000002487000-memory.dmp

    Filesize

    540KB

  • memory/2896-6-0x0000000002400000-0x0000000002487000-memory.dmp

    Filesize

    540KB

  • memory/2896-7-0x0000000002400000-0x0000000002487000-memory.dmp

    Filesize

    540KB