Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    28-01-2024 10:15

General

  • Target

    7cdbde4d80c5214f3accfe0fa917baf7.exe

  • Size

    84KB

  • MD5

    7cdbde4d80c5214f3accfe0fa917baf7

  • SHA1

    eb37bdacd30de3caaff4e79d71536694f7bccfdc

  • SHA256

    bd737473092b8b64e7acdd94ca30a962c5db9de11253342e0ba303c64503d9d0

  • SHA512

    247e7510c5a25ff16676005761277e3658652bb7f67e7a1b8a2d5baa83c4000343802079fadfbfecf2ef502604aa4c1588258b901240a82f800c96767a95c893

  • SSDEEP

    1536:EVtwLeVEtmcvgzEHhZVHRuyslWKopLuyVS93146ceJ2W6xvdBAbRIK6eiyAD:Emm3EHRRuykSbVS98j/B0bRz67D

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7cdbde4d80c5214f3accfe0fa917baf7.exe
    "C:\Users\Admin\AppData\Local\Temp\7cdbde4d80c5214f3accfe0fa917baf7.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2512

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2512-0-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

  • memory/2512-6-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB