dee72c4d8c9ed8933dc016eec2c6afa0ecb4dfe7cd9495c3539c658a6e362507 | Triage

Analysis

max time kernel
141s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
02-02-2024 23:18

Sharing

Report Analysis Logs

General

Target

8ac9421ff65b1aad07cd56fdb005e300.exe
Size

192KB
MD5

8ac9421ff65b1aad07cd56fdb005e300
SHA1

80b2b158937a962faeb328b08c74c41bea357b66
SHA256

dee72c4d8c9ed8933dc016eec2c6afa0ecb4dfe7cd9495c3539c658a6e362507
SHA512

3f3df167600f7597e9e0fa68efa49d149b6288e2888ca6b19681bf1a984c723c4d4c2faae0b68be9c501474816a3f0e668509ca979bcef57198abf93bdd9fb97
SSDEEP

6144:P9COZ9yfejmD1pjOqABeRYVXvJmuT3NFWoB:VZjk6mDTC/BGuRFT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2056-0-0x0000000000400000-0x000000000073B000-memory.dmp	upx
behavioral1/memory/2056-1-0x0000000000400000-0x000000000073B000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2056	8ac9421ff65b1aad07cd56fdb005e300.exe
2056	8ac9421ff65b1aad07cd56fdb005e300.exe

C:\Users\Admin\AppData\Local\Temp\8ac9421ff65b1aad07cd56fdb005e300.exe
"C:\Users\Admin\AppData\Local\Temp\8ac9421ff65b1aad07cd56fdb005e300.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2056-0-0x0000000000400000-0x000000000073B000-memory.dmp

Filesize
3.2MB

Download
memory/2056-1-0x0000000000400000-0x000000000073B000-memory.dmp

Filesize
3.2MB

Download