Overview

overview

7

Static

static

7

Winrar 7.0...ch.exe

windows7-x64

7

Winrar 7.0...ch.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/02/2024, 21:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Winrar 7.0 Crack/patch.exe

  • Size

    82KB

  • MD5

    517e9e9c9d8f7e4f464030733d143d07

  • SHA1

    18345c82fea148c5649e18386007e45edfac6bb3

  • SHA256

    abd64ad1198529190b6746a65a0a86dd6afbd69874cd7744848ae372798cf629

  • SHA512

    72149e34a37807f77815351ba326c096f6b7ed4f523fac9150bc89903bc8e957fcfc3fc5892dec5d3a56f9b826b907ca5d0527c2bca4d6bd9cd2e56e377d8004

  • SSDEEP

    1536:0SR7JC3/TDPR9cnZivgoRRYtOj4OuE4HH9Pt3BDHAMfxBskUMbKSzlNM/Ys3:/7JC/TMnIvgoRyq4OcdVxb7fxBskUW75

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 17 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Winrar 7.0 Crack\patch.exe
    "C:\Users\Admin\AppData\Local\Temp\Winrar 7.0 Crack\patch.exe"
    1⤵
      PID:5076
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x498 0x494
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2964

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/5076-0-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-1-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-2-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-3-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-4-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-5-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-6-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-7-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-8-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-9-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-10-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-11-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-12-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-13-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-14-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-15-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download

          • memory/5076-16-0x0000000000400000-0x0000000000447000-memory.dmp

            Filesize

            284KB

            Download