Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
25-01-2024 17:42
Behavioral task
behavioral1
Sample
751f6956aee4614af075462893db4b3c.exe
Resource
win7-20231129-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
751f6956aee4614af075462893db4b3c.exe
Resource
win10v2004-20231215-en
4 signatures
150 seconds
General
-
Target
751f6956aee4614af075462893db4b3c.exe
-
Size
83KB
-
MD5
751f6956aee4614af075462893db4b3c
-
SHA1
f439cdae9b061b4af642e38ab24000573e394f96
-
SHA256
057150f7726a767b9e8e52b4f86f86b77fbcbfe90b379a86656b51a278072c42
-
SHA512
be38d3ac4b74f09ad5b2423f0bb20d8e159ae14a6a46d4e25f72d91d7c44506c66458959b687ed3b35590fe74e6bbec0ed8c49ccc72e14151d4a56dab0811820
-
SSDEEP
1536:vjtJhSLrFKTZW4ZG7EtEL5N3xzR2pbQb+mxqVr+VHXPNGifVRIIjWnaq/pfhGnoS:LHhSwWEGxky+hVyfDP6aqCout
Score
7/10
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral1/memory/2896-0-0x0000000002400000-0x0000000002487000-memory.dmp upx behavioral1/memory/2896-1-0x0000000002400000-0x0000000002487000-memory.dmp upx behavioral1/memory/2896-6-0x0000000002400000-0x0000000002487000-memory.dmp upx behavioral1/memory/2896-7-0x0000000002400000-0x0000000002487000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
Processes:
751f6956aee4614af075462893db4b3c.exedescription ioc process Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Windows\CurrentVersion\Run\d6d4dfd8cec3cf95dec3de = "C:\\Users\\Admin\\cuxt.exe" 751f6956aee4614af075462893db4b3c.exe -
Suspicious behavior: RenamesItself 1 IoCs
Processes:
751f6956aee4614af075462893db4b3c.exepid process 2896 751f6956aee4614af075462893db4b3c.exe