Overview

overview

7

Static

static

7

9797b30760...9a.exe

windows7-x64

7

9797b30760...9a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-02-2024 21:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9797b307601e44eed2f75985ab93bc9a.exe

  • Size

    27KB

  • MD5

    9797b307601e44eed2f75985ab93bc9a

  • SHA1

    d560b917d1d80be3ffa8c5e58fe2ec45457bf9b9

  • SHA256

    915b801933eb2c64dfc27ba3a46f66b59fd8ce9f277d84b665a4ebbcd68d44ea

  • SHA512

    4b353235a044ae43d1bb595a9d3dc69110c4811ecc1409fdfafad9e4c3abceef6906b7fc40fbc3add873af43796b37693f56babf7be4d3b63a2094cf925ac22a

  • SSDEEP

    768:hTl5sgtPIG+D1nie+YhH72tF2/HVyUtsQnaJ13:hBzUD1nie+K72Wzsr

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9797b307601e44eed2f75985ab93bc9a.exe
    "C:\Users\Admin\AppData\Local\Temp\9797b307601e44eed2f75985ab93bc9a.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\Common Files\Microsoft Shared\MSInfo\IEINFO5.sys
    Filesize

    33KB

    MD5

    7dab2eaa47b18846efb68e2755fc4428

    SHA1

    a88139189505cb4963fb3fc9acec6dd2d0176b00

    SHA256

    4328c3a427d59422aa32e4df93bed5186ab12cb5bfe63f6bdee9450e87cbb162

    SHA512

    65e37a2c6159b5f3d83ba0f8e786b984fe26edcb463d577d055df095df68fb58f9091a1ebde0f7656ae8411f559c7d69db9c9ebf91ad3008326292276daa62e5

    Download Submit

  • memory/2612-5-0x0000000000400000-0x0000000000419000-memory.dmp

    Filesize

    100KB

    Download