Overview

overview

7

Static

static

7

756459e05e...94.exe

windows7-x64

7

756459e05e...94.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/01/2024, 20:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    756459e05e7b77aaf7eaf0c90d770194.exe

  • Size

    2.4MB

  • MD5

    756459e05e7b77aaf7eaf0c90d770194

  • SHA1

    1d7c4deea47b53769411fb35854529466fa82ed7

  • SHA256

    32884150b9cf9e4897a58d07dd34f985b770e4fb5217b78ce4d17a338d1b69de

  • SHA512

    9e37be4348fcb79abe7bd8a551cf65d7f7b656d903b69ddd3354147a237ea74c18d5cd292452503d453b52a44747a15065f4aa73b559bfcad7c16c5ec863391d

  • SSDEEP

    49152:wAko7tVNFlBo6WF9j6SNH+zP4M338dB2IBlGuuDVUsdxxjr:w0tx1G9HNezgg3gnl/IVUs1jr

Score
7/10
upx

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
    "C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
      C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2312

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
          Filesize

          376KB

          MD5

          206f6fbe2fdcc0f81cbd2edccd1c4c5f

          SHA1

          bd3380a8c92e6980750aa12994be6eeb391d6608

          SHA256

          1364ba4d1bfe593d579b303365ec271442c29147a080e73589a6050f26fd8a4a

          SHA512

          c8721f9b808283a0c371534e855618154133c56f236db7f62da445bde3d6c8b7da7633eedea5201ac08921629eda1f2ce96926dc20ce60319a6a72f6937d2660

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
          Filesize

          459KB

          MD5

          88ff244783c518b2640f9a01c162455b

          SHA1

          f17bd173eb8b633b737addb05637a2d37784ace6

          SHA256

          64b788df60a888ccfa5dbe9ef8fdc63e60f9537748d84501feac01bcfe22f39e

          SHA512

          73414e3fdeae3a062fd34941d83d20f0d2dd3bf04568c559b30effd6407d959ae172cece8b46b789b60e3a71f3df6160b16a0cc8213cd9bec75c9411439cb019

          Download Submit

        • \Users\Admin\AppData\Local\Temp\756459e05e7b77aaf7eaf0c90d770194.exe
          Filesize

          591KB

          MD5

          59e4e69a3ddb637c89d9dcecb746e3a6

          SHA1

          1567dbd55e19e273ec2ae90c58797eab528690db

          SHA256

          9c3c03185096d57198b24a8cb1e2122292daf009215ecfa014030ae3a3db8b96

          SHA512

          ff072724d3a2d43d4a977b93150d6e67ac761bb92df797b19fcdca5fa914726d4930fac0ecdefb4249f73dfc9e69580849d2d988251f4a336f283655729a132a

          Download Submit

        • memory/2308-14-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2308-0-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2308-2-0x0000000001B20000-0x0000000001C53000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2308-1-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2312-16-0x0000000001B20000-0x0000000001C53000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2312-18-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download

        • memory/2312-22-0x0000000000400000-0x000000000061D000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/2312-24-0x0000000003410000-0x000000000363A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2312-15-0x0000000000400000-0x000000000062A000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2312-30-0x0000000000400000-0x00000000008EF000-memory.dmp

          Filesize

          4.9MB

          Download